*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: mediawiki >From the release notes: A CSS validation issue was discovered which allows editors to display external images in wiki pages. This is a privacy concern on public wikis, since a malicious user may link to an image on a server they control, which would allow that attacker to gather IP addresses and other information from users of the public wiki. All sites running publicly-editable MediaWiki installations are advised to upgrade. All versions of MediaWiki (prior to this one) are affected. Apart from the security issue a number of other bug-fixes is also included in the release. Looking through the release notes it is purely bugfix updates (and an import of improved translations): http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_15_2/phase3/?view=log ** Affects: mediawiki (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- 1.15.2 security update released; CSS validation issue https://bugs.launchpad.net/bugs/537974 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
