CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2012/09/01 05:10:45
Modified files:
www/mediawiki : Makefile distinfo
www/mediawiki/pkg: PLIST
Log message:
security update to mediawiki 1.19.2, ok maintainer (Wen Heping) and jasper@
CVE-2012-4377 Stored XSS via a File::link to a non-existing image
CVE-2012-4378 Multiple DOM-based XSS flaws due improper filtering of
uselang parameter
CVE-2012-4379 CSRF tokens, available via API, not protected when
X-Frame-Options headers used
CVE-2012-4380 Did not prevent account creation for IP addresses
blocked with GlobalBlocking
CVE-2012-4381 Password saved always to the local MediaWiki database
CVE-2012-4382 Metadata about blocks
