This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu2.1
---
mediawiki (1:1.15.1-1ubuntu2.1) lucid-security; urgency=low
* SECURITY UPDATE: A CSRF vulnerability was discovered in our login
interface. Although regular logins are protected as of 1.15.3, it was
This bug was fixed in the package mediawiki - 1:1.15.0-1.1ubuntu0.3
---
mediawiki (1:1.15.0-1.1ubuntu0.3) karmic-security; urgency=low
* SECURITY UPDATE: A CSRF vulnerability was discovered in our login
interface. Although regular logins are protected as of 1.15.3, it was
This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2.3
---
mediawiki (1:1.13.3-1ubuntu2.3) jaunty-security; urgency=low
* SECURITY UPDATE: A CSRF vulnerability was discovered in our login
interface. Although regular logins are protected as of 1.15.3, it was
This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.6
---
mediawiki (1:1.11.2-2ubuntu0.6) hardy-security; urgency=low
* SECURITY UPDATE: A CSRF vulnerability was discovered in our login
interface. Although regular logins are protected as of 1.15.3, it was
ACK for all releases; thanks for the debdiffs and testing. These are
building now in the security queue.
** Changed in: mediawiki (Ubuntu Hardy)
Importance: Undecided = Medium
** Changed in: mediawiki (Ubuntu Lucid)
Importance: Undecided = Medium
** Changed in: mediawiki (Ubuntu Karmic)
Looks like they will become CVE-2010-1647 and CVE-2010-1648 according to
http://security-tracker.debian.org/tracker/source-package/mediawiki if
you want to mark them in the cve-tracker.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1647
** CVE added:
Debdiff fixing this for lucid.
** Patch added: mediawiki_1.15.1-1ubuntu2.1.debdiff
http://launchpadlibrarian.net/49409916/mediawiki_1.15.1-1ubuntu2.1.debdiff
--
CSRF and XSS vulnerability; new version 1.15.4 released
https://bugs.launchpad.net/bugs/586773
You received this bug notification
Debdiff fixing this for karmic.
** Patch added: mediawiki_1.15.0-1.1ubuntu0.3.debdiff
http://launchpadlibrarian.net/49409953/mediawiki_1.15.0-1.1ubuntu0.3.debdiff
--
CSRF and XSS vulnerability; new version 1.15.4 released
https://bugs.launchpad.net/bugs/586773
You received this bug
Debdiff fixing this for jaunty.
** Patch added: mediawiki_1.13.3-1ubuntu2.3.debdiff
http://launchpadlibrarian.net/49409997/mediawiki_1.13.3-1ubuntu2.3.debdiff
--
CSRF and XSS vulnerability; new version 1.15.4 released
https://bugs.launchpad.net/bugs/586773
You received this bug notification
Debdiff fixing this for hardy.
** Patch added: mediawiki_1.11.2-2ubuntu0.6.debdiff
http://launchpadlibrarian.net/49410019/mediawiki_1.11.2-2ubuntu0.6.debdiff
--
CSRF and XSS vulnerability; new version 1.15.4 released
https://bugs.launchpad.net/bugs/586773
You received this bug notification
This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu3
---
mediawiki (1:1.15.1-1ubuntu3) maverick; urgency=low
* SECURITY UPDATE: A CSRF vulnerability was discovered in our login
interface. Although regular logins are protected as of 1.15.3, it was
discovered that
All of the have above have been successfully tested in the relevant
release in a chroot.
** Changed in: mediawiki (Ubuntu Hardy)
Status: In Progress = Confirmed
** Changed in: mediawiki (Ubuntu Lucid)
Status: In Progress = Confirmed
** Changed in: mediawiki (Ubuntu Karmic)
** Visibility changed to: Public
--
CSRF and XSS vulnerability; new version 1.15.4 released
https://bugs.launchpad.net/bugs/586773
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
13 matches
Mail list logo