lp:ubuntu/jaunty/mediawiki
- Get this branch:
- bzr branch lp:ubuntu/jaunty/mediawiki
Branch merges
Branch information
Recent revisions
- 18. By Andreas Wenning
-
* SECURITY UPDATE: Multiple cross-site scripting (XSS) vulnerabilities in
the web-based installer (config/index.php). (LP: #348858)
- CVE-2009-0737
- debian/patches/ CVE-2009- 0737.patch
- patch based on upstream patches for 1.13.4 and 1.13.5
- http://bugs.debian. org/cgi- bin/bugreport. cgi?bug= 514547
- http://lists.wikimedia .org/pipermail/ mediawiki- announce/ 2009-February/ 000083. html - 16. By Romain Beauxis
-
* New upstream release.
* Fix CVE-2008-5249: XSS vulnerability in MediaWiki:
"An XSS vulnerability affecting all MediaWiki installations between
1.13.0 and 1.13.2."
Closes: #508868
* Fix CVE-2008-5250: several local script injection vulnerabilities
in MediaWiki:
"o A local script injection vulnerability affecting Internet Explorer
clients for all MediaWiki installations with uploads enabled.
o A local script injection vulnerability affecting clients with SVG
scripting capability (such as Firefox 1.5+), for all MediaWiki
installations with SVG uploads enabled."
Closes: #508869
* Fix CVE-2008-5252: CSRF vulnerability affecting the Special:Import
feature in MediaWiki:
"A CSRF vulnerability affecting the Special:Import feature, for all
MediaWiki installations since the feature was introduced in 1.3.0."
Closes: #508870 - 15. By Romain Beauxis
-
* New upstream release
* Fix CVE-2008-4408: XSS in mediawiki:
"Cross-site scripting (XSS) vulnerability allows remote attackers
to inject arbitrary web script or HTML via the useskin parameter
to an unspecified component."
Closes: #501115 - 14. By Romain Beauxis
-
* Fixed postgresql dependency
Closes: #472987
* Added instructions to install and upgrade
Closes: #472990, #472831 - 13. By Romain Beauxis
-
* Added patch to fix pgsql select, thanks to Marc Dequènes
Closes: #469841
* Upated README.Debian to mention php5-gd instead of php5-gd2
and texlive-latex-base instead to tetex-bin.
Closes: #469558
* still setting urgency to high since previous upload didn't make it
to testing. - 12. By Romain Beauxis
-
* New upstream release
* A potential XSS injection vector affecting
Microsoft Internet Explorer users has been
closed. - 10. By Romain Beauxis
-
* Switched to mediawiki1.10
* Mediawiki1.10 recommends mediawiki-math (Closes: #428021) - 9. By Romain Beauxis
-
* Switched to mediawiki1.9, closes: #392932
* Corrected typo in control, closes: #414121
* Seperated -math extension to a single package, closes: #401714
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/mediawiki