[Bug 610782] Re: Private data leakage in MW >= 1.8

Thu, 29 Jul 2010 05:21:06 -0700 

This bug was fixed in the package mediawiki - 1:1.15.5-1

---------------
mediawiki (1:1.15.5-1) unstable; urgency=high

  [ Thorsten Glaser ]
  * debian/patches/suppress_warnings.patch: new, suppress warnings
    about session_start() being called twice also in the PHP error
    log, not just MediaWiki’s, for example run from FusionForge

  [ Jonathan Wiltshire ]
  * New upstream security release:
    - correctly set caching headers to prevent private data leakage
         (closes: #590660, LP: #610782)
    - fix XSS vulnerability in profileinfo.php
         (closes: #590669, LP: #610819)
 -- Jonathan Wiltshire <deb...@jwiltshire.org.uk>   Wed, 28 Jul 2010 12:23:04 
+0100

** Changed in: mediawiki (Ubuntu)
       Status: New => Fix Released

-- 
Private data leakage in MW >= 1.8
https://bugs.launchpad.net/bugs/610782
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to