** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1150
--
1.15.3 security release: CSRF login vulnerability
https://bugs.launchpad.net/bugs/557159
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
ACK on the debdiffs, thanks Andreas.
I've added the CVE number to the changelog as it is known now, and will
publish the updates today.
--
1.15.3 security release: CSRF login vulnerability
https://bugs.launchpad.net/bugs/557159
You received this bug notification because you are a member of
This bug was fixed in the package mediawiki - 1:1.15.0-1.1ubuntu0.2
---
mediawiki (1:1.15.0-1.1ubuntu0.2) karmic-security; urgency=low
* SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An
attacker who controls a user account on the target wiki can force the
This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2.2
---
mediawiki (1:1.13.3-1ubuntu2.2) jaunty-security; urgency=low
* SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An
attacker who controls a user account on the target wiki can force the
This bug was fixed in the package mediawiki - 1:1.12.0-2ubuntu0.5
---
mediawiki (1:1.12.0-2ubuntu0.5) intrepid-security; urgency=low
* SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An
attacker who controls a user account on the target wiki can force the
This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.5
---
mediawiki (1:1.11.2-2ubuntu0.5) hardy-security; urgency=low
* SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An
attacker who controls a user account on the target wiki can force the
** Changed in: mediawiki (Ubuntu)
Status: New = In Progress
** Changed in: mediawiki (Ubuntu)
Assignee: (unassigned) = Andreas Wenning (andreas-wenning)
--
1.15.3 security release: CSRF login vulnerability
https://bugs.launchpad.net/bugs/557159
You received this bug notification
Debdiff for karmic. Had been tested in a chroot; test primarily focused
on the login capability, as that is the one the patch touches.
** Also affects: mediawiki (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: mediawiki (Ubuntu Intrepid)
Importance: Undecided
Debdiff for jaunty. Had been tested in a chroot; test primarily focused
on the login capability, as that is the one the patch touches.
** Attachment added: mediawiki_1.13.3-1ubuntu2.2.debdiff
http://launchpadlibrarian.net/43337116/mediawiki_1.13.3-1ubuntu2.2.debdiff
--
1.15.3 security
Debdiff for intrepid. Had been tested in a chroot; test primarily
focused on the login capability, as that is the one the patch touches.
** Attachment added: mediawiki_1.12.0-2ubuntu0.5.debdiff
http://launchpadlibrarian.net/43337184/mediawiki_1.12.0-2ubuntu0.5.debdiff
--
1.15.3 security
Debdiff for hardy. Had been tested in a chroot; test primarily focused
on the login capability, as that is the one the patch touches.
** Attachment added: mediawiki_1.11.2-2ubuntu0.5.debdiff
http://launchpadlibrarian.net/43337521/mediawiki_1.11.2-2ubuntu0.5.debdiff
--
1.15.3 security
** Changed in: mediawiki (Ubuntu Karmic)
Status: New = Confirmed
** Changed in: mediawiki (Ubuntu Jaunty)
Status: New = Confirmed
** Changed in: mediawiki (Ubuntu Intrepid)
Status: New = Confirmed
** Changed in: mediawiki (Ubuntu Hardy)
Status: New = Confirmed
--
** Changed in: mediawiki (Ubuntu Lucid)
Status: In Progress = Fix Committed
--
1.15.3 security release: CSRF login vulnerability
https://bugs.launchpad.net/bugs/557159
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu2
---
mediawiki (1:1.15.1-1ubuntu2) lucid; urgency=low
* SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An
attacker who controls a user account on the target wiki can force the
victim to
** Branch linked: lp:ubuntu/mediawiki
--
1.15.3 security release: CSRF login vulnerability
https://bugs.launchpad.net/bugs/557159
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
15 matches
Mail list logo