mediawiki 1:1.12.0-2ubuntu0.2 source package in Ubuntu

Changelog

mediawiki (1:1.12.0-2ubuntu0.2) intrepid-security; urgency=low

  * SECURITY UPDATE:
    - CVE-2008-5249
    - CVE-2008-5250
    - CVE-2008-5252
    - other security-related problems (see full patch description).
    - patch taken directly from Debian
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508870
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508869
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.html
  * debian/patches/CVE-2008-5249_CVE-2008-5250_CVE-2008-5252.patch:
    - Fixed output escaping for reporting of non-MediaWiki exceptions.
      Potential XSS if an extension throws one of these with user input.
    - Avoid fatal error in profileinfo.php when not configured.
    - Fixed CSRF vulnerability in Special:Import. Fixed input validation in
      transwiki import feature.
    - Add a .htaccess to deleted images directory for additional protection
      against exposure of deleted files with known SHA-1 hashes on default
      installations.
    - Fixed XSS vulnerability for Internet Explorer clients, via file uploads
      which are interpreted by IE as HTML.
    - Fixed XSS vulnerability for clients with SVG scripting, on wikis where SVG
      uploads are enabled. Firefox 1.5+ is affected.
    - Avoid streaming uploaded files to the user via index.php. This allows
      security-conscious users to serve uploaded files via a different domain,
      and thus client-side scripts executed from that domain cannot access the
      login cookies. Affects Special:Undelete, img_auth.php and thumb.php.
    - When streaming files via index.php, use the MIME type detected from the
      file extension, not from the data. This reduces the XSS attack surface.
    - Blacklist redirects via Special:Filepath. Such redirects exacerbate any
      XSS vulnerabilities involving uploads of files containing scripts.

 -- Andreas Wenning <email address hidden>   Sun, 01 Feb 2009 08:53:13 +0100

Upload details

Uploaded by: Andreas Wenning
Sponsored by: Marc Deslauriers
Uploaded to: Intrepid
Original maintainer: MOTU
Architectures: any
Section: web
Urgency: Low Urgency

Downloads

File Size SHA-256 Checksum
mediawiki_1.12.0.orig.tar.gz 6.9 MiB 478b38b29f0f6e661b6c632f39e570d654f83c5069b69de2f187b43c20bc8809
mediawiki_1.12.0-2ubuntu0.2.diff.gz 43.7 KiB d9f8da875907c2980eab84c613d111165fbb75ae469ee37e81943493e5d2c124
mediawiki_1.12.0-2ubuntu0.2.dsc 1.3 KiB e92b47b7e24b2b4c85bd902ffa09515730146c40e6385a027a28d1454762a949

Binary packages built by this source

mediawiki: No summary available for mediawiki in ubuntu intrepid.

No description available for mediawiki in ubuntu intrepid.

mediawiki-math: No summary available for mediawiki-math in ubuntu intrepid.

No description available for mediawiki-math in ubuntu intrepid.