[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-06-02 Thread Launchpad Bug Tracker
This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu2.1 --- mediawiki (1:1.15.1-1ubuntu2.1) lucid-security; urgency=low * SECURITY UPDATE: A CSRF vulnerability was discovered in our login interface. Although regular logins are protected as of 1.15.3, it was

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-06-02 Thread Launchpad Bug Tracker
This bug was fixed in the package mediawiki - 1:1.15.0-1.1ubuntu0.3 --- mediawiki (1:1.15.0-1.1ubuntu0.3) karmic-security; urgency=low * SECURITY UPDATE: A CSRF vulnerability was discovered in our login interface. Although regular logins are protected as of 1.15.3, it was

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-06-02 Thread Launchpad Bug Tracker
This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2.3 --- mediawiki (1:1.13.3-1ubuntu2.3) jaunty-security; urgency=low * SECURITY UPDATE: A CSRF vulnerability was discovered in our login interface. Although regular logins are protected as of 1.15.3, it was

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-06-02 Thread Launchpad Bug Tracker
This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.6 --- mediawiki (1:1.11.2-2ubuntu0.6) hardy-security; urgency=low * SECURITY UPDATE: A CSRF vulnerability was discovered in our login interface. Although regular logins are protected as of 1.15.3, it was

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-06-01 Thread Kees Cook
ACK for all releases; thanks for the debdiffs and testing. These are building now in the security queue. ** Changed in: mediawiki (Ubuntu Hardy) Importance: Undecided => Medium ** Changed in: mediawiki (Ubuntu Lucid) Importance: Undecided => Medium ** Changed in: mediawiki (Ubuntu Karmic)

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-06-01 Thread Andreas Wenning
Looks like they will become CVE-2010-1647 and CVE-2010-1648 according to http://security-tracker.debian.org/tracker/source-package/mediawiki if you want to mark them in the cve-tracker. ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1647 ** CVE added:

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-30 Thread Andreas Wenning
Debdiff fixing this for lucid. ** Patch added: mediawiki_1.15.1-1ubuntu2.1.debdiff http://launchpadlibrarian.net/49409916/mediawiki_1.15.1-1ubuntu2.1.debdiff -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-30 Thread Andreas Wenning
Debdiff fixing this for karmic. ** Patch added: mediawiki_1.15.0-1.1ubuntu0.3.debdiff http://launchpadlibrarian.net/49409953/mediawiki_1.15.0-1.1ubuntu0.3.debdiff

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-30 Thread Andreas Wenning
Debdiff fixing this for jaunty. ** Patch added: mediawiki_1.13.3-1ubuntu2.3.debdiff http://launchpadlibrarian.net/49409997/mediawiki_1.13.3-1ubuntu2.3.debdiff

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-30 Thread Andreas Wenning
Debdiff fixing this for hardy. ** Patch added: mediawiki_1.11.2-2ubuntu0.6.debdiff http://launchpadlibrarian.net/49410019/mediawiki_1.11.2-2ubuntu0.6.debdiff

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-30 Thread Launchpad Bug Tracker
This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu3 --- mediawiki (1:1.15.1-1ubuntu3) maverick; urgency=low * SECURITY UPDATE: A CSRF vulnerability was discovered in our login interface. Although regular logins are protected as of 1.15.3, it was discovered that

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-30 Thread Andreas Wenning
All of the above have been successfully tested in the relevant release in a chroot. ** Changed in: mediawiki (Ubuntu Hardy) Status: In Progress => Confirmed ** Changed in: mediawiki (Ubuntu Lucid) Status: In Progress => Confirmed ** Changed in: mediawiki (Ubuntu Karmic)

[Bug 586773] Re: CSRF and XSS vulnerability; new version 1.15.4 released

2010-05-28 Thread Andreas Wenning
** Visibility changed to: Public -- CSRF and XSS vulnerability; new version 1.15.4 released https://bugs.launchpad.net/bugs/586773 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com