This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.3
---
mediawiki (1:1.11.2-2ubuntu0.3) hardy-security; urgency=low
* SECURITY UPDATE: Multiple cross-site scripting (XSS) vulnerabilities in
the web-based installer (config/index.php). (LP: #348858)
- CVE-2009-07
This bug was fixed in the package mediawiki - 1:1.12.0-2ubuntu0.3
---
mediawiki (1:1.12.0-2ubuntu0.3) intrepid-security; urgency=low
* SECURITY UPDATE: Multiple cross-site scripting (XSS) vulnerabilities in
the web-based installer (config/index.php). (LP: #348858)
- CVE-2009
duh...it's diff-generated. Nothing to see here, please move along...
** Changed in: mediawiki (Ubuntu Hardy)
Assignee: Marc Deslauriers (mdeslaur) => (unassigned)
Status: Incomplete => Fix Committed
--
CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the
web-base
Andreas,
Are you sure about this part in the hardy debdiff:
+Index: mediawiki-1.11.2/includes/GlobalFunctions.php
+===
+--- mediawiki-1.11.2.orig/includes/GlobalFunctions.php 2008-03-03
08:09:26.0 +0100
mediawiki-1.11.2
This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2
---
mediawiki (1:1.13.3-1ubuntu2) jaunty; urgency=low
* SECURITY UPDATE: Multiple cross-site scripting (XSS) vulnerabilities in
the web-based installer (config/index.php). (LP: #348858)
- CVE-2009-0737
- deb
Thanks for the debdiffs Andreas. I'll release packages today.
Could you please tag your patches next time, according to
https://wiki.ubuntu.com/UbuntuDevelopment/PatchTaggingGuidelines and
https://wiki.ubuntu.com/SecurityUpdateProcedures .
Thanks!
--
CVE-2009-0737 Multiple cross-site scripting
** Attachment removed: "mediawiki_1.11.2-2ubuntu0.3.debdiff"
http://launchpadlibrarian.net/24360438/mediawiki_1.11.2-2ubuntu0.3.debdiff
** Attachment added: "mediawiki_1.12.0-2ubuntu0.3.debdiff"
http://launchpadlibrarian.net/24360787/mediawiki_1.12.0-2ubuntu0.3.debdiff
--
CVE-2009-0737 Mult
And same for intrepid.
** Attachment added: "mediawiki_1.11.2-2ubuntu0.3.debdiff"
http://launchpadlibrarian.net/24360438/mediawiki_1.11.2-2ubuntu0.3.debdiff
** Changed in: mediawiki (Ubuntu Hardy)
Status: New => Triaged
** Changed in: mediawiki (Ubuntu Intrepid)
Status: New => T
Debdiff for hardy, both built and tested locally.
** Attachment added: "mediawiki_1.11.2-2ubuntu0.3.debdiff"
http://launchpadlibrarian.net/24360424/mediawiki_1.11.2-2ubuntu0.3.debdiff
--
CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the
web-based installer (config/inde
** Changed in: mediawiki (Ubuntu)
Status: In Progress => Fix Committed
--
CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the
web-based installer (config/index.php)
https://bugs.launchpad.net/bugs/348858
You received this bug notification because you are a member of U
** Changed in: mediawiki (Ubuntu)
Importance: Undecided => High
Assignee: (unassigned) => Andreas Wenning (andreas-wenning)
Status: New => In Progress
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0737
--
CVE-2009-0737 Mult
11 matches
Mail list logo