From owner at bugs.debian.org Wed Apr 1 08:39:05 2015 From: owner at bugs.debian.org (Debian Bug Tracking System) Date: Wed, 01 Apr 2015 08:39:05 +0000 Subject: [Pkg-mediawiki-devel] Processed: retitle References: <668A5A85-D3E4-40F0-8942-54E6F5138361@fastlizard4.org> Message-ID: Processing commands for control at bugs.debian.org: > retitle 728347 Please package later version (current LTS: 1.23.9) Bug #728347 [mediawiki] Please package later version (current LTS: 1.23.3) Changed Bug title to 'Please package later version (current LTS: 1.23.9)' from 'Please package later version (current LTS: 1.23.3)' > thanks Stopping processing here. Please contact me if you need assistance. -- 728347: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728347 Debian Bug Tracking System Contact owner at bugs.debian.org with problems From otto at seravo.fi Sun Apr 5 20:04:51 2015 From: otto at seravo.fi (Otto =?UTF-8?Q?Kek=C3=A4l=C3=A4inen?=) Date: Sun, 5 Apr 2015 23:04:51 +0300 Subject: [Pkg-mediawiki-devel] Bug#781974: Include MariaDB in dependencies Message-ID: Package: mediawiki Severity: minor Hello! The package currently has the following line: Recommends: mysql-server | postgresql-contrib It should be changed to Recommends: mysql-server | virtual-mysql-server | postgresql-contrib ..as announced by James Page in Misc Developer News #37 (https://lists.debian.org/debian-devel-announce/2014/11/msg00015.html). Alternatively, if you prefer MariaDB, then the line could say: Recommends: mariadb-server | virtual-mysql-server | postgresql-contrib Wikipedia uses MariaDB instead of MySQL, so I assume users would be best served if MariaDB was the primary recommendation. From ftpmaster at ftp-master.debian.org Mon Apr 6 17:17:46 2015 From: ftpmaster at ftp-master.debian.org (Debian FTP Masters) Date: Mon, 06 Apr 2015 17:17:46 +0000 Subject: [Pkg-mediawiki-devel] Processing of mediawiki_1.19.20+dfsg-2.3_amd64.changes Message-ID: mediawiki_1.19.20+dfsg-2.3_amd64.changes uploaded successfully to localhost along with the files: mediawiki_1.19.20+dfsg-2.3.dsc mediawiki_1.19.20+dfsg-2.3.debian.tar.xz mediawiki_1.19.20+dfsg-2.3_all.deb mediawiki-classes_1.19.20+dfsg-2.3_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) From ftpmaster at ftp-master.debian.org Mon Apr 6 17:20:59 2015 From: ftpmaster at ftp-master.debian.org (Debian FTP Masters) Date: Mon, 06 Apr 2015 17:20:59 +0000 Subject: [Pkg-mediawiki-devel] mediawiki_1.19.20+dfsg-2.3_amd64.changes ACCEPTED into unstable Message-ID: Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 06 Apr 2015 16:53:54 +0000 Source: mediawiki Binary: mediawiki mediawiki-classes Architecture: source all Version: 1:1.19.20+dfsg-2.3 Distribution: unstable Urgency: high Maintainer: Mediawiki Maintenance Team Changed-By: Thijs Kinkhorst Description: mediawiki - website engine for collaborative work mediawiki-classes - website engine for collaborative work - standalone classes Changes: mediawiki (1:1.19.20+dfsg-2.3) unstable; urgency=high . * Non-maintainer upload. * Add patch fixing several security issues: - (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. - (bug T88310) SECURITY: Always expand xml entities when checking SVG's. - (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS. - (bug T85855) SECURITY: Don't execute another user's CSS or JS on preview. - (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues fixed in SVG filtering to prevent XSS and protect viewer's privacy. Checksums-Sha1: 80dba7b9ee2eeece7a918642cdb79a0ea4dc6188 1786 mediawiki_1.19.20+dfsg-2.3.dsc 0a10955bba150af86b8e5ca6cd3593bd697d5e96 69440 mediawiki_1.19.20+dfsg-2.3.debian.tar.xz 4df817993bc832fe12feaff4d296a8db3fb16140 11787802 mediawiki_1.19.20+dfsg-2.3_all.deb 546aaa6e59221f0702917c9da2d1e79d42f1fa1b 238972 mediawiki-classes_1.19.20+dfsg-2.3_all.deb Checksums-Sha256: 64a4fe8269e95497be9e118442e9c5177856f78aa51607b65b2b9032f0220a9a 1786 mediawiki_1.19.20+dfsg-2.3.dsc 5e42586bb35af3daeb5a85f47caf0e50684c1f36644e2772802d6b7919f48948 69440 mediawiki_1.19.20+dfsg-2.3.debian.tar.xz 2014a4a85d68cd3ac000c18c5867b157fdcd8abf6719dc8bd4ef605bf131df79 11787802 mediawiki_1.19.20+dfsg-2.3_all.deb 00cba4b2a8117f70dd347e0729671f2370eba13988acad55f3442f12e0c1f344 238972 mediawiki-classes_1.19.20+dfsg-2.3_all.deb Files: c19a7b5a12cc1828603806a838312cde 1786 web optional mediawiki_1.19.20+dfsg-2.3.dsc 909a19d9d9dc5a0af18c7b4d574f3788 69440 web optional mediawiki_1.19.20+dfsg-2.3.debian.tar.xz 98896f2bb819b4eb0908638b7b3c9f6d 11787802 web optional mediawiki_1.19.20+dfsg-2.3_all.deb edbde0bd777eb1d7b88ead9af1957695 238972 web optional mediawiki-classes_1.19.20+dfsg-2.3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJVIr72AAoJEFb2GnlAHawEDd0H/iPF2eSdQUZWl0Vva/a4QQoC L3CFVn3HAwG6UZ2Gvl71IXiXy4kxL+8hN1vHCLiX1fAqftsyLmex61hHIOdWW3St YpYq+Yqz/M2/ILePZGdBZ7OrQZwTCL5IS04uxwQYRkOsmdLoP5hKwdDeL6wKbrSJ sJEjKnAtEBLJz42Xb5XPG8zQ9BCdARKuWsvnKAJtzsCt5xTOF5ATK2RchOnp4ajP pV/9n93pZ9IMjes13msV+BPtTpJCw8Y6polSfcXrySGzKy954WxhC1xr70ijGgnH Qk1PapcyAcgx+JjGHUiaU8qQOEGNDwF++3pP4deEgD/4mPlDQrbeaHmACG54J1I= =CL/d -----END PGP SIGNATURE----- Thank you for your contribution to Debian. From owner at bugs.debian.org Wed Apr 8 13:06:23 2015 From: owner at bugs.debian.org (Debian Bug Tracking System) Date: Wed, 08 Apr 2015 13:06:23 +0000 Subject: [Pkg-mediawiki-devel] Processed: closing 773654 References: <20150408130341.4EC5E20651@tetraquark.soleus.nu> Message-ID: Processing commands for control at bugs.debian.org: > close 773654 Bug #773654 [mediawiki] mediawiki: CVE-2014-9475: thumb.php outputs wikitext message as raw HTML Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 773654: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773654 Debian Bug Tracking System Contact owner at bugs.debian.org with problems From owner at bugs.debian.org Wed Apr 8 13:09:07 2015 From: owner at bugs.debian.org (Debian Bug Tracking System) Date: Wed, 08 Apr 2015 13:09:07 +0000 Subject: [Pkg-mediawiki-devel] Processed: closing 762754 References: <20150408130758.14BB920651@tetraquark.soleus.nu> Message-ID: Processing commands for control at bugs.debian.org: > close 762754 1:1.19.20+dfsg-0+deb7u3 Bug #762754 [mediawiki] mediawiki: Enhance CSS filtering in SVG files Marked as fixed in versions mediawiki/1:1.19.20+dfsg-0+deb7u3. Bug #762754 [mediawiki] mediawiki: Enhance CSS filtering in SVG files Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 762754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762754 Debian Bug Tracking System Contact owner at bugs.debian.org with problems From noreply at release.debian.org Thu Apr 9 16:39:17 2015 From: noreply at release.debian.org (Debian testing watch) Date: Thu, 09 Apr 2015 16:39:17 +0000 Subject: [Pkg-mediawiki-devel] mediawiki 1:1.19.20+dfsg-2.3 MIGRATED to testing Message-ID: FYI: The status of the mediawiki source package in Debian's testing distribution has changed. Previous version: 1:1.19.20+dfsg-2.2 Current version: 1:1.19.20+dfsg-2.3 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See https://release.debian.org/testing-watch/ for more information. From jmw at debian.org Mon Apr 27 15:00:10 2015 From: jmw at debian.org (Jonathan Wiltshire) Date: Mon, 27 Apr 2015 16:00:10 +0100 Subject: [Pkg-mediawiki-devel] Bug#783503: mediawiki: not suitable for Stretch Message-ID: Package: mediawiki Version: 1:1.19.20+dfsg-2.3 Severity: serious Tags: stretch sid Mediawiki as it currently stands is not suitable for a stable release. This blocker bug is to ensure it does not migrate to testing. -- Jonathan Wiltshire jmw at debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 i have six years of solaris sysadmin experience, from 8->10. i am well qualified to say it is made from bonghits layered on top of bonghits