Public bug reported:
Binary package hint: mediawiki
Please sync the new upstream security release from sid to fix #610782
and #610819, plus a further bug that does not have a Launchpad report.
Here is the changelog since the current version:
mediawiki (1:1.15.5-1) unstable; urgency=high
[ Thorsten Glaser ]
* debian/patches/suppress_warnings.patch: new, suppress warnings
about session_start() being called twice also in the PHP error
log, not just MediaWiki’s, for example run from FusionForge
[ Jonathan Wiltshire ]
* New upstream security release:
- correctly set caching headers to prevent private data leakage
(closes: #590660, LP: #610782)
- fix XSS vulnerability in profileinfo.php
(closes: #590669, LP: #610819)
-- Jonathan Wiltshire <deb...@jwiltshire.org.uk> Wed, 28 Jul 2010
12:23:04 +0100
** Affects: mediawiki (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: mediawiki (Ubuntu)
Importance: Undecided => Wishlist
--
Sync mediawiki 1:1.15.5-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/611069
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
