-
mediawiki (1:1.19.20+dfsg-2.2) unstable; urgency=medium
* Non-maintainer upload.
* Add patch fixing T76686: thumb.php outputs wikitext message as raw
HTML, which could lead to xss. Permission to edit MediaWiki namespace
is required to exploit this.
-- Sebastien Delafond <email address hidden> Sun, 21 Dec 2014 13:11:10 +0100
-
mediawiki (1:1.19.20+dfsg-2.1) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2014-9277: The <cross-domain-policy> mangling in OutputHandler.php
poses a potentially severe security problem for API clients written in
PHP, in that format=php is affected (Closes: #772764).
-- Sebastien Delafond <email address hidden> Sun, 14 Dec 2014 18:23:47 +0100
-
mediawiki (1:1.19.20+dfsg-2) unstable; urgency=low
* Team upload.
* Remove myself from Uploaders.
-- Thorsten Glaser <email address hidden> Tue, 07 Oct 2014 18:13:52 +0000
-
mediawiki (1:1.19.18+dfsg-0.1) unstable; urgency=high
* Non-maintainer upload with maintainers approval.
* Imported Upstream version 1.19.18+dfsg
(Closes: #758510)
- CVE-2014-5241 (bug 68187) SECURITY: Prepend jsonp callback with comment.
- CVE-2014-5243 (bug 65778) SECURITY: Copy prevent-clickjacking between
OutputPage and ParserOutput.
-- Salvatore Bonaccorso <email address hidden> Sun, 24 Aug 2014 06:47:35 +0200