-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 11 May 2013 16:07:43 +0100 Source: mediawiki Binary: mediawiki Architecture: source all Version: 1:1.19.6-1 Distribution: unstable Urgency: low Maintainer: Mediawiki Maintenance Team <pkg-mediawiki-de...@lists.alioth.debian.org> Changed-By: Jonathan Wiltshire <j...@debian.org> Description: mediawiki - website engine for collaborative work Closes: 706601 Changes: mediawiki (1:1.19.6-1) unstable; urgency=low . * New upstream security release (Closes: #706601): - SVG script filtering could be bypassed for Chrome and Firefox clients by using an encoding that MediaWiki understood, but these browsers interpreted as UTF-8. (CVE-2013-2031) - Internal review discovered that extensions were not given the opportunity to disable a password reset, which could lead to circumvention of two-factor authentication (CVE-2013-2032) Checksums-Sha1: 3141fec52166a3919b1ab54d63cb1af862d8d6b2 2096 mediawiki_1.19.6-1.dsc 4a04c2dc83180067a6d72624e5e9683dbacb5397 18550832 mediawiki_1.19.6.orig.tar.gz 09c60b6746152d4e6cd6dffb7bf07e25a0d39e61 39387 mediawiki_1.19.6-1.debian.tar.gz 1c21c1a3d64124e9c5e5e1d3dd76f8d12a19f18c 17750230 mediawiki_1.19.6-1_all.deb Checksums-Sha256: fb6689cbe7cc6a3858d456e458d2dd02e2e5736f9d9ce48cb46913faaee06111 2096 mediawiki_1.19.6-1.dsc c5056635c099b8fc7362807047b1bd2e10c2e4fb12904bf4ace3b0b8474693a2 18550832 mediawiki_1.19.6.orig.tar.gz 34c83c17a42c9bc0ff47612c6605f22a2874a0fabd42977d93f7cff989872d89 39387 mediawiki_1.19.6-1.debian.tar.gz f389504d1550192ddcc44438d99fdf73354d45508a0a3c726d29b8b5cac01eec 17750230 mediawiki_1.19.6-1_all.deb Files: b2d241e6747b1eaa1bbb2fb802b4e6e7 2096 web optional mediawiki_1.19.6-1.dsc 8e4c6896d3d1835bdf0f17da7dffb34e 18550832 web optional mediawiki_1.19.6.orig.tar.gz 7ae27c8d23c590a1e1b17edb5076fb41 39387 web optional mediawiki_1.19.6-1.debian.tar.gz 091c18803862207671508303e80e5db1 17750230 web optional mediawiki_1.19.6-1_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJRjmTUAAoJEFC7AtTIpr9htuEP/iBAmvF5B1jE91WPHK/qJoHs i/qYBLfy+paEbBha8Ub8ocg2ocKmLdQkDl4CHRmwsCAc6CnHd1xjH6FWtqflAzPs yjD2ss1Ui5fgUp3Q4BslXuOeWea4nlsaYUiGp9ismVscB1gGMXza9cc4EAKzerS5 MYGBT3bqhsOMqHOU4axo5kkm7ZQkUTUN5O0T/etGcqm4bqa8PN1aDYBlfmdoZ7lh suH28d6OMgHQZ9efFszmiaBE/0CIvmdZKpEvgVChUQ9qOpSEDlbFxGVom1bZiU7O wIeJXSPX6D95KrvWQNxwGfuxMxryqLnYaOLF3nS43S7usX1EPHbxN2ZQQBkxo0L5 FeiHDNxLAvvi3xA4NZSCqk6stnyTw2zbaRf3EJi7Cd304K/FQInYNSLsriFbmtaF XGDRFVNzrKB3AsB+kexJVoarxnXVI1dbYbvxZxgkQtOifkdobrmYf5Q45zym86Mp K+zFZKK9dpqr12GvzHPJ3sruTMKAXPY7zLLRXMBZrpKHRC+LATD9Y1VqQc9sB9Rd xqp4470dUEy614ZQn598EFEzTMZDHpJq2DsbjYz5fbtSxmFOkKPsYR2Z3APSFRS8 14V2H1Gv7t6X9JrGJb4zIf6TTsaLrGEr9HxOJK4HLZgIYWmHtWPJlZ0ySLhFRhx/ zE9wn9pwI5O5noAJrx75 =qufW -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1ubc2q-00043t...@franck.debian.org