[Bug 348858] Re: CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Mar 26 12:43:21 UTC 2009
Andreas,
Are you sure about this part in the hardy debdiff:
+Index: mediawiki-1.11.2/includes/GlobalFunctions.php
+===================================================================
+--- mediawiki-1.11.2.orig/includes/GlobalFunctions.php 2008-03-03 08:09:26.000000000 +0100
++++ mediawiki-1.11.2/includes/GlobalFunctions.php 2009-03-26 09:40:33.000000000 +0100
+@@ -2320,4 +2320,19 @@
+ return wfIsWindows()
+ ? 'NUL'
+ : '/dev/null';
+-}
+\ No newline at end of file
++}
++
I think the "No newline..." part is a mistake, and now, it's included in
the function...
** Changed in: mediawiki (Ubuntu Intrepid)
Status: Triaged => Fix Committed
** Changed in: mediawiki (Ubuntu Hardy)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
Status: Triaged => Incomplete
--
CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php)
https://bugs.launchpad.net/bugs/348858
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list