-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 15 Mar 2010 11:41:07 -0500 Source: mediawiki Binary: mediawiki mediawiki-math Architecture: source all amd64 Version: 1:1.15.2-1 Distribution: unstable Urgency: high Maintainer: Mediawiki Maintenance Team <pkg-mediawiki-de...@lists.alioth.debian.org> Changed-By: Romain Beauxis <to...@rastageeks.org> Description: mediawiki - website engine for collaborative work mediawiki-math - math rendering plugin for MediaWiki Closes: 383130 537134 542008 Changes: mediawiki (1:1.15.2-1) unstable; urgency=high . * New upstream release. * Fixes security issue: "Two security issues were discovered: . A CSS validation issue was discovered which allows editors to display external images in wiki pages. This is a privacy concern on public wikis, since a malicious user may link to an image on a server they control, which would allow that attacker to gather IP addresses and other information from users of the public wiki. All sites running publicly-editable MediaWiki installations are advised to upgrade. All versions of MediaWiki (prior to this one) are affected. . A data leakage vulnerability was discovered in thumb.php which affects wikis which restrict access to private files using img_auth.php, or some similar scheme. All versions of MediaWiki since 1.5 are affected." * Updated standards. * Removed section about upgrading from mediawiki1.x packages in README.Debian since they do not exist in any supported distribution anymore. * Switched php5-gd and imagemagick in Suggests. Closes: #542008 * Backported patch from revision 51083 to fix a bug with invalid titles. Closes: #537134 * Backported patch from revision 61090 to add a unique guid per RSS feed element. Closes: #383130 * Refreshed patches. Checksums-Sha1: f2b960b30789cfa52f71739c8acc8b74af5004bc 1528 mediawiki_1.15.2-1.dsc c1e7e7243a052f3f9719f78573980c16f25da4b2 11469228 mediawiki_1.15.2.orig.tar.gz e56e6adcfc5bf54f0414735e403dd29384b26891 30559 mediawiki_1.15.2-1.diff.gz a96c1d2ecaabe20f5fca29ddb3742bbc5c0b0355 11452456 mediawiki_1.15.2-1_all.deb 82ce35f7abe1f919c6d6bd44c39381b2233bd53c 181472 mediawiki-math_1.15.2-1_amd64.deb Checksums-Sha256: 15acfd63dc787d03da6ec93a2ebc063e4b82ea1e64e8a4a4bebf22492212188d 1528 mediawiki_1.15.2-1.dsc 6b1e5f6d385214853452f36331aa952523bd40fc2765761d9788b827cfc5b704 11469228 mediawiki_1.15.2.orig.tar.gz c71d3ef160cd2191abab8e905d823a803339a8fe98b129f17fb8628d7a3ba07d 30559 mediawiki_1.15.2-1.diff.gz abe6381b8bfff29c0848195801711c38fa2f9648bd7e39870e9d81d3f522f4b4 11452456 mediawiki_1.15.2-1_all.deb 9360acac3e85ebe763a0ba32f52c2841183ada0cc86c416dd7078cb77398bd41 181472 mediawiki-math_1.15.2-1_amd64.deb Files: 3834e374a4fc55d854efb38cf0bf87ec 1528 web optional mediawiki_1.15.2-1.dsc fa5f7d22133068e5c9760a3777004293 11469228 web optional mediawiki_1.15.2.orig.tar.gz 6bd00a67e598311d92ba0564dc72e0b2 30559 web optional mediawiki_1.15.2-1.diff.gz da73478d04c707abdd8991826cf0d3a0 11452456 web optional mediawiki_1.15.2-1_all.deb 5ad89a87e2ffcae89233382da8aa2fd0 181472 web optional mediawiki-math_1.15.2-1_amd64.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJLnm3jAAoJEAC5aaocqV0ZNv0H/AxgI40IyoXVEJ9RY3wihvJN uUkTcrjz9h3AifovPrhQd5nggSo5aBbT+660+Fuv5rBtzCnKfCOmGuHLrXFEA7mq tq5DRtcnxUBSYgBkliTbPdKS0D1U5g/iTPOpwJoAI9oZBiy0F2PbWoopikPuC/5t DSOOkAJ+yRqIfWJQR3t2eslI5by9Z3gB8fmAifMsjiMFZakTA707SmbW8wKI+T2B zkA3VMb8pU8lBDyVRiC5Gj5RRVnYUwBozh4ryTyosJk5Dh0EQDJLfTolhemTSV4f vp4fPusU05T2shxnu5Bpp1uvpqZkLfPi5H+Q94Jfdp2yrmlzX8YHpdxHK/fhxZc= =ivFs -----END PGP SIGNATURE----- Accepted: mediawiki-math_1.15.2-1_amd64.deb to main/m/mediawiki/mediawiki-math_1.15.2-1_amd64.deb mediawiki_1.15.2-1.diff.gz to main/m/mediawiki/mediawiki_1.15.2-1.diff.gz mediawiki_1.15.2-1.dsc to main/m/mediawiki/mediawiki_1.15.2-1.dsc mediawiki_1.15.2-1_all.deb to main/m/mediawiki/mediawiki_1.15.2-1_all.deb mediawiki_1.15.2.orig.tar.gz to main/m/mediawiki/mediawiki_1.15.2.orig.tar.gz -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1nre9n-0002vi...@ries.debian.org