[Registry] [Bug 610782] Re: Private data leakage in MW >= 1.8

Launchpad Bug Tracker Thu, 29 Jul 2010 05:21:20 -0700

This bug was fixed in the package mediawiki - 1:1.15.5-1

---------------
mediawiki (1:1.15.5-1) unstable; urgency=high


  [ Thorsten Glaser ]
  * debian/patches/suppress_warnings.patch: new, suppress warnings
    about session_start() being called twice also in the PHP error
    log, not just MediaWiki’s, for example run from FusionForge

  [ Jonathan Wiltshire ]
  * New upstream security release:
    - correctly set caching headers to prevent private data leakage
         (closes: #590660, LP: #610782)
    - fix XSS vulnerability in profileinfo.php
         (closes: #590669, LP: #610819)
 -- Jonathan Wiltshire <[email protected]>   Wed, 28 Jul 2010 12:23:04 
+0100

** Changed in: mediawiki (Ubuntu)
       Status: New => Fix Released

-- 
Private data leakage in MW >= 1.8
https://bugs.launchpad.net/bugs/610782
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.

_______________________________________________
Mailing list: https://launchpad.net/~registry
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~registry
More help   : https://help.launchpad.net/ListHelp

[Registry] [Bug 610782] Re: Private data leakage in MW >= 1.8

Reply via email to