Bug#758510: marked as done (mediawiki: 1.19.18 fixes security vulnerabilities (CVE-2014-5241 CVE-2014-5243))

[Debian Bug Tracking System]

Your message dated Tue, 26 Aug 2014 21:32:09 +0000
with message-id <e1xmolz-0007hu...@franck.debian.org>
and subject line Bug#758510: fixed in mediawiki 1:1.19.18+dfsg-0+deb7u1
has caused the Debian Bug report #758510,
regarding mediawiki: 1.19.18 fixes security vulnerabilities (CVE-2014-5241 
CVE-2014-5243)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
758510: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758510
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: mediawiki
Version: 1:1.19.17+dfsg-1
Severity: important
Tags: security upstream fixed-upstream
Control: found -1 1:1.19.16+dfsg-0+deb7u1

Hi

See

https://marc.info/?l=oss-security&m=140800398132695&w=2

and 

https://www.mediawiki.org/wiki/Release_notes/1.19#Changes_since_1.19.17
https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

Source: mediawiki
Source-Version: 1:1.19.18+dfsg-0+deb7u1

We believe that the bug you reported is fixed in the latest version of
mediawiki, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 758...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated mediawiki package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 19 Aug 2014 06:47:09 +0200
Source: mediawiki
Binary: mediawiki
Architecture: source all
Version: 1:1.19.18+dfsg-0+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Mediawiki Maintenance Team 
<pkg-mediawiki-de...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Description: 
 mediawiki  - website engine for collaborative work
Closes: 752622 758510
Changes: 
 mediawiki (1:1.19.18+dfsg-0+deb7u1) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Imported Upstream version 1.19.18+dfsg
     (Closes: #752622, #758510)
     - CVE-2014-5241 (bug 68187) SECURITY: Prepend jsonp callback with comment.
     - CVE-2014-5243 (bug 65778) SECURITY: Copy prevent-clickjacking between
       OutputPage and ParserOutput.
Checksums-Sha1: 
 4e694b8a86603a53cf397335727506535c7413a2 2174 
mediawiki_1.19.18+dfsg-0+deb7u1.dsc
 1c594a9ce796288cf27a8eba1d40fc871c0d554c 18200184 
mediawiki_1.19.18+dfsg.orig.tar.gz
 c0def12bff95bbe9596b04059d2f740b0aeb625b 65507 
mediawiki_1.19.18+dfsg-0+deb7u1.debian.tar.gz
 03c59f9561b7bdc4dfc6b4223be8a878d2659345 17863216 
mediawiki_1.19.18+dfsg-0+deb7u1_all.deb
Checksums-Sha256: 
 d6ca508c3571a85e698e05e901452cfcd9bc617d4f901e229c818a413f01017f 2174 
mediawiki_1.19.18+dfsg-0+deb7u1.dsc
 080709401f2ddea6127cd77d5e28b9e5c13b0db32a7848791f097b5d6c56c7a8 18200184 
mediawiki_1.19.18+dfsg.orig.tar.gz
 465f0f6e9e376b1d63979f1d21426a761bae00b32999efae867b66cfa69ad536 65507 
mediawiki_1.19.18+dfsg-0+deb7u1.debian.tar.gz
 ed97eb0f1c4942889d88a01a337ede9c3f2125ca59d2dfe6179d9d7a4d6d11c2 17863216 
mediawiki_1.19.18+dfsg-0+deb7u1_all.deb
Files: 
 93c62e445fffe6efc76ffaa7978b6733 2174 web optional 
mediawiki_1.19.18+dfsg-0+deb7u1.dsc
 3601fc9c9f802d3071164c590ce31312 18200184 web optional 
mediawiki_1.19.18+dfsg.orig.tar.gz
 d3d7b6c88aec04d10f381472770e04ef 65507 web optional 
mediawiki_1.19.18+dfsg-0+deb7u1.debian.tar.gz
 ecb6b02ebe8f45f408a75c38dbab2ba1 17863216 web optional 
mediawiki_1.19.18+dfsg-0+deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJT907dAAoJEAVMuPMTQ89Ei/gP/jf7O5/kKMD27CZl4LjFwUJy
aj37kArMwz2H722pHVH9joRcqpNw3JPBNsYC72pbizblfRcixiRF7sHKlOR6mTqZ
fvaM5OnbkRc064wKBexEkZLIMDY7oYBL9Oxk8lbkOGHFSRI0FWXkDkb7mO1vzTfs
I4HBdHw5nHpNG4dtNY1N60oALp64zWBh0s8khNYFLJrARZ0xSEBJ4/wYmTktAaB0
+qUJzhRHCs4MZ5fecwdwBOUQk0aTNSUMxc3avSVM4j0r3kthW7/QeYVSzZoKVG+E
PyoDNgCoLN4VQt1m4NpD5dZtifIcXr8NJHXjVAlUIO05VoiLkucGs9xFNyq0E3mC
Q7Zrc0L0sAXjYmSG1hM+8fkdRxVeFIH3Cy8KyenN3ExNZFg+aUqiab5wsQFeDlWx
Mnw2kxOJ9EfqBB+vITD2ldqzIaVkTaF74RvyKtTKfdZfku504aZUwZACQ51/zZKT
BG6d6Y3vrni7SJs9mSHXm3uC4q5WyROJE+tvFOfA3eJvkMK3NAIhqB6Z2ayLlkZ1
nDe0S/Z8aWpZaUpznCwVavk5OnYBTwAf11y5jAvyqG7Jemfe1Bt/cVcVIszbYPwO
eVlaQz40nWBEHJQrBT5kKB2LiEZtCrjzVJwNz2Zo4f6RikldX5ixT5UNzyY9r7Qg
kVGUh6fyUOVhQDxqii5T
=XqEF
-----END PGP SIGNATURE-----

--- End Message ---