cve-ass...@mitre.org dixit:
See http://bugs.debian.org/696179 for details.
Use CVE-2012-6453.
Ok, thanks!
Forwarding to all parties: this is DSA-2596-1 for mediawiki-extensions.
bye,
//mirabilos
--
I want one of these. They cost 720 € though… good they don’t have the HD hole,
which indicates
Dixi quod…
Of course, this will not work on the message body. I’ll look at
Ok, it’s worse than I expected: when using “text” mode
with desc=on, the body is also vulnerable but on the
other hand, proper HTML is broken:
‣ pWill drive to a
On Mon, 17 Dec 2012, Jonathan Wiltshire wrote:
At a quick glance this appears to affect upstream
Can you confirm this
Yes, it does.
have you sought out a CVE
number?
No, I’ve got no idea how all this CVE stuff works.
Do you volunteer, or one of the Mediawiki guys lurking here?
Otherwise
On Mon, 17 Dec 2012, Platonides wrote:
http://www.mediawiki.org/wiki/Extension:RSS_Reader seems to live
exclusively at the wiki page, instead of being at a repository.
[…]
Just edit the page when fixing the bug.
Oh, okay. I just did so.
On Mon, 17 Dec 2012, Jonathan Wiltshire wrote:
(for
4 matches
Mail list logo