Comment 6 for bug 539697

This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.4
---------------
 mediawiki (1:1.11.2-2ubuntu0.4) hardy-security; urgency=low
  * SECURITY UPDATE: CSS validation issue allowing external images to be included
     into wikis where that is disallowed by conf. (LP: #537974)
     - debian/patches/CSS-no-CVE_rev-63429.patch
     - patch based on upstream SVN rev. 63429
     - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
   * Fix regression in CVE-2009-0737.patch, where the database-specific options
     will not be shown by default when installing mediawiki. (LP: #539697)