[Bug 87088] [Sync Request] Sync mediawiki1.7 (1.7.1-9) from Debian unstable (main)
Michael Bienia
michael at vorlon.ping.de
Thu Feb 22 17:04:22 GMT 2007
Public bug reported:
Binary package hint: mediawiki1.7
Please sync mediawiki1.7 (1.7.1-9) from Debian unstable (main).
The Ubuntu package has no changes.
Thanks.
Changelog:
mediawiki1.7 (1.7.1-9) unstable; urgency=high
* Backported security fix from 1.7.3 release:
"An XSS injection vulnerability based on Microsoft Internet Explorer's UTF-7
charset autodetection was located in the AJAX support module, affecting
MSIE users on MediaWiki 1.6.x and up when the optional setting $wgUseAjax is
enabled."
See:
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_7_3/phase3/RELEASE-NOTES
-- Romain Beauxis <toots at rastageeks.org> Wed, 21 Feb 2007 11:23:49
+0100
mediawiki1.7 (1.7.1-8) unstable; urgency=low
* Added debconf translations, thanks to contributors!
Closes: #408607, #410987
-- Romain Beauxis <toots at rastageeks.org> Tue, 20 Feb 2007 02:41:36
+0100
mediawiki1.7 (1.7.1-7) unstable; urgency=low
* Removed problematic link in /etc/mediawiki1.7.
See #388616 and #393962. Added a readme file to explain
the situation instead.
Closes: #393962
-- Romain Beauxis <toots at rastageeks.org> Fri, 9 Feb 2007 00:36:38
+0100
** Affects: mediawiki1.7 (Ubuntu)
Importance: Undecided
Status: Unconfirmed
--
[Sync Request] Sync mediawiki1.7 (1.7.1-9) from Debian unstable (main)
https://launchpad.net/bugs/87088
More information about the ubuntu-archive
mailing list