Change logs for mediawiki source package in Wily

mediawiki (1:1.19.20+dfsg-2.3) unstable; urgency=high


  * Non-maintainer upload.
  * Add patch fixing several security issues:
    - (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that
       contain XML entities, to prevent various DoS attacks.
    - (bug T88310) SECURITY: Always expand xml entities when checking
      SVG's.
    - (bug T73394) SECURITY: Escape > in Html::expandAttributes to
      prevent XSS.
    - (bug T85855) SECURITY: Don't execute another user's CSS or JS
      on preview.
    - (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues
      fixed in SVG filtering to prevent XSS and protect viewer's
      privacy.

 -- Thijs Kinkhorst <email address hidden>  Mon, 06 Apr 2015 16:53:54 +0000

mediawiki (1:1.19.20+dfsg-2.2) unstable; urgency=medium


  * Non-maintainer upload.
  * Add patch fixing T76686: thumb.php outputs wikitext message as raw
    HTML, which could lead to xss. Permission to edit MediaWiki namespace
    is required to exploit this.

 -- Sebastien Delafond <email address hidden>  Sun, 21 Dec 2014 13:11:10 +0100