Sync mediawiki 1:1.15.5-1 (universe) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mediawiki (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: mediawiki
Please sync the new upstream security release from sid to fix #610782 and #610819, plus a further bug that does not have a Launchpad report.
Here is the changelog since the current version:
mediawiki (1:1.15.5-1) unstable; urgency=high
[ Thorsten Glaser ]
* debian/
about session_start() being called twice also in the PHP error
log, not just MediaWiki’s, for example run from FusionForge
[ Jonathan Wiltshire ]
* New upstream security release:
- correctly set caching headers to prevent private data leakage
(closes: #590660, LP: #610782)
- fix XSS vulnerability in profileinfo.php
(closes: #590669, LP: #610819)
-- Jonathan Wiltshire <email address hidden> Wed, 28 Jul 2010 12:23:04 +0100
Changed in mediawiki (Ubuntu): | |
importance: | Undecided → Wishlist |
subscribing sponsors, unsubscribing release-team, as we're not yet in feature freeze.