[Pkg-mediawiki-commits] r504 - mediawiki/trunk/debian
Thorsten Glaser
tg at moszumanska.debian.org
Tue Jan 14 09:55:07 UTC 2014
Author: tg
Date: 2014-01-14 09:55:07 +0000 (Tue, 14 Jan 2014)
New Revision: 504
Modified:
mediawiki/trunk/debian/changelog
Log:
changelog entry for the bump
Modified: mediawiki/trunk/debian/changelog
===================================================================
--- mediawiki/trunk/debian/changelog 2014-01-14 09:49:52 UTC (rev 503)
+++ mediawiki/trunk/debian/changelog 2014-01-14 09:55:07 UTC (rev 504)
@@ -1,3 +1,14 @@
+mediawiki (1:1.19.10+dfsg-1) unstable; urgency=high
+
+ * New upstream security fix release:
+ - CVE-2013-4568 (bug 58088) Don't normalize U+FF3C to \ in CSS Checks
+ - CVE-2013-6452 (bug 57550) Disallow stylesheets in SVG Uploads
+ - CVE-2013-6453 (bug 58553) Return error on invalid XML for SVG Uploads
+ - CVE-2013-6454 (bug 58472) Disallow -o-link in styles
+ - CVE-2013-6472 (bug 58699) Fix RevDel log entry information leaks
+
+ -- Thorsten Glaser <tg at mirbsd.de> Tue, 14 Jan 2014 10:51:35 +0100
+
mediawiki (1:1.19.9+dfsg-2) unstable; urgency=medium
* Ship files in /etc/mediawiki-extensions/extensions-available/
More information about the Pkg-mediawiki-commits
mailing list