[Pkg-mediawiki-commits] r294 - mediawiki/trunk/debian

Jonathan Wiltshire jmw at alioth.debian.org
Sat Jan 14 23:50:00 UTC 2012 

Author: jmw
Date: 2012-01-14 23:50:00 +0000 (Sat, 14 Jan 2012)
New Revision: 294

Modified:
   mediawiki/trunk/debian/changelog
Log:
Merge changelog entries from unstable security uploads

Modified: mediawiki/trunk/debian/changelog
===================================================================
--- mediawiki/trunk/debian/changelog	2012-01-13 12:13:34 UTC (rev 293)
+++ mediawiki/trunk/debian/changelog	2012-01-14 23:50:00 UTC (rev 294)
@@ -1,12 +1,43 @@
 mediawiki (1:1.17.0-1) UNRELEASED; urgency=low
 
+  * Remove patches integrated upstream in this version
+
+ -- Jonathan Wiltshire <jmw at debian.org>  Sat, 14 Jan 2012 23:47:48 +0000
+
+mediawiki (1:1.15.5-6) unstable; urgency=low
+
   [ Thorsten Glaser ]
+  * debian/patches/khtml_not_ff9.patch: new (Closes: #652948)
+
+  [ Jonathan Wiltshire ]
+  * debian/patches/CVE-2012-0046.patch: security fix for unintended exposure
+    of hidden content through cache pollution, CVE-2012-0046 (Closes: #655694)
+
+ -- Jonathan Wiltshire <jmw at debian.org>  Fri, 13 Jan 2012 09:54:41 +0000
+
+mediawiki (1:1.15.5-5) unstable; urgency=high
+
+  * Security fixes from upstream:
+    CVE-2011-1578 - XSS for IE <= 6
+    CVE-2011-1579 - CSS validation error in wikitext parser
+    CVE-2011-1580 - access control checks on transwiki import feature
+    CVE-2011-1587 - fix incomplete patch for CVE-2011-1578
+
+ -- Jonathan Wiltshire <jmw at debian.org>  Sun, 18 Dec 2011 23:48:18 +0000
+
+mediawiki (1:1.15.5-4) unstable; urgency=low
+
+  [ Thorsten Glaser ]
   * debian/patches/fix_invalid_sql.patch: new (Closes: #615983)
 
   [ Jonathan Wiltshire ]
-  * Remove patches integrated upstream in this version
+  * Security fixes from upstream (Closes: #650434):
+    CVE-2011-4360 - page titles on private wikis could be exposed
+    bypassing different page ids to index.php
+    CVE-2011-4361 - action=ajax requests were dispatched to the
+    relevant function without any read permission checks being done
 
- -- Jonathan Wiltshire <jmw at debian.org>  Sun, 24 Jul 2011 14:43:22 +0100
+ -- Jonathan Wiltshire <jmw at debian.org>  Wed, 30 Nov 2011 22:42:52 +0000
 
 mediawiki (1:1.15.5-3) unstable; urgency=high

More information about the Pkg-mediawiki-commits mailing list