Package: release.debian.org Severity: normal Tags: patch User: [email protected] Usertags: pu
Hi, I would like to get a one-line security fix for mediawiki (again) into the next point release, it is a no-dsa. It has only today reached unstable so I'm happy to wait a few days first, tg already applied it to his farm with no ill-effects though. Debdiff attached for review. Thanks. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
diff -Nru mediawiki-1.15.5/debian/changelog mediawiki-1.15.5/debian/changelog --- mediawiki-1.15.5/debian/changelog 2011-12-18 23:18:01.000000000 +0000 +++ mediawiki-1.15.5/debian/changelog 2012-01-13 10:55:12.000000000 +0000 @@ -1,3 +1,10 @@ +mediawiki (1:1.15.5-2squeeze3) stable; urgency=low + + * debian/patches/CVE-2012-0046.patch: security fix for unintended exposure + of hidden content through cache pollution, CVE-2012-0046 (Closes: #655694) + + -- Jonathan Wiltshire <[email protected]> Fri, 13 Jan 2012 10:54:43 +0000 + mediawiki (1:1.15.5-2squeeze2) stable-security; urgency=low * Security fixes from upstream (Closes: #650434): diff -Nru mediawiki-1.15.5/debian/patches/CVE-2012-0046.patch mediawiki-1.15.5/debian/patches/CVE-2012-0046.patch --- mediawiki-1.15.5/debian/patches/CVE-2012-0046.patch 1970-01-01 01:00:00.000000000 +0100 +++ mediawiki-1.15.5/debian/patches/CVE-2012-0046.patch 2012-01-13 10:18:21.000000000 +0000 @@ -0,0 +1,17 @@ +Description: prevent cache pollution exposing previously deleted text to + users behind caching proxy +Author: Tim Starling +Bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=33117 +Last-Update: 2012-01-12 + +--- mediawiki-1.15.5.orig/includes/api/ApiQueryRevisions.php ++++ mediawiki-1.15.5/includes/api/ApiQueryRevisions.php +@@ -113,7 +113,7 @@ + $difftoRev = Revision::newFromID($params['diffto']); + if (!$difftoRev) + $this->dieUsageMsg(array('nosuchrevid', $params['diffto'])); +- if (!$difftoRev->userCan(Revision::DELETED_TEXT)) { ++ if ($difftoRev->isDeleted(Revision::DELETED_TEXT)) { + $this->setWarning("Couldn't diff to r{$difftoRev->getID()}: content is hidden"); + $params['diffto'] = null; + } diff -Nru mediawiki-1.15.5/debian/patches/series mediawiki-1.15.5/debian/patches/series --- mediawiki-1.15.5/debian/patches/series 2011-12-17 23:22:51.000000000 +0000 +++ mediawiki-1.15.5/debian/patches/series 2012-01-13 10:12:04.000000000 +0000 @@ -13,3 +13,4 @@ CVE-2011-1587.patch CVE-2011-4360.patch CVE-2011-4361.patch +CVE-2012-0046.patch
