[Pkg-mediawiki-commits] r294 - mediawiki/trunk/debian
Jonathan Wiltshire
jmw at alioth.debian.org
Sat Jan 14 23:50:00 UTC 2012
Author: jmw
Date: 2012-01-14 23:50:00 +0000 (Sat, 14 Jan 2012)
New Revision: 294
Modified:
mediawiki/trunk/debian/changelog
Log:
Merge changelog entries from unstable security uploads
Modified: mediawiki/trunk/debian/changelog
===================================================================
--- mediawiki/trunk/debian/changelog 2012-01-13 12:13:34 UTC (rev 293)
+++ mediawiki/trunk/debian/changelog 2012-01-14 23:50:00 UTC (rev 294)
@@ -1,12 +1,43 @@
mediawiki (1:1.17.0-1) UNRELEASED; urgency=low
+ * Remove patches integrated upstream in this version
+
+ -- Jonathan Wiltshire <jmw at debian.org> Sat, 14 Jan 2012 23:47:48 +0000
+
+mediawiki (1:1.15.5-6) unstable; urgency=low
+
[ Thorsten Glaser ]
+ * debian/patches/khtml_not_ff9.patch: new (Closes: #652948)
+
+ [ Jonathan Wiltshire ]
+ * debian/patches/CVE-2012-0046.patch: security fix for unintended exposure
+ of hidden content through cache pollution, CVE-2012-0046 (Closes: #655694)
+
+ -- Jonathan Wiltshire <jmw at debian.org> Fri, 13 Jan 2012 09:54:41 +0000
+
+mediawiki (1:1.15.5-5) unstable; urgency=high
+
+ * Security fixes from upstream:
+ CVE-2011-1578 - XSS for IE <= 6
+ CVE-2011-1579 - CSS validation error in wikitext parser
+ CVE-2011-1580 - access control checks on transwiki import feature
+ CVE-2011-1587 - fix incomplete patch for CVE-2011-1578
+
+ -- Jonathan Wiltshire <jmw at debian.org> Sun, 18 Dec 2011 23:48:18 +0000
+
+mediawiki (1:1.15.5-4) unstable; urgency=low
+
+ [ Thorsten Glaser ]
* debian/patches/fix_invalid_sql.patch: new (Closes: #615983)
[ Jonathan Wiltshire ]
- * Remove patches integrated upstream in this version
+ * Security fixes from upstream (Closes: #650434):
+ CVE-2011-4360 - page titles on private wikis could be exposed
+ bypassing different page ids to index.php
+ CVE-2011-4361 - action=ajax requests were dispatched to the
+ relevant function without any read permission checks being done
- -- Jonathan Wiltshire <jmw at debian.org> Sun, 24 Jul 2011 14:43:22 +0100
+ -- Jonathan Wiltshire <jmw at debian.org> Wed, 30 Nov 2011 22:42:52 +0000
mediawiki (1:1.15.5-3) unstable; urgency=high
More information about the Pkg-mediawiki-commits
mailing list