[Bug 348858] Re: CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php)

Marc Deslauriers Thu, 26 Mar 2009 05:50:48 -0700

Andreas,

Are you sure about this part in the hardy debdiff:


+Index: mediawiki-1.11.2/includes/GlobalFunctions.php
+===================================================================
+--- mediawiki-1.11.2.orig/includes/GlobalFunctions.php 2008-03-03 
08:09:26.000000000 +0100
++++ mediawiki-1.11.2/includes/GlobalFunctions.php      2009-03-26 
09:40:33.000000000 +0100
+@@ -2320,4 +2320,19 @@
+       return wfIsWindows()
+               ? 'NUL'
+               : '/dev/null';
+-}
+\ No newline at end of file
++}
++

I think the "No newline..." part is a mistake, and now, it's included in
the function...


** Changed in: mediawiki (Ubuntu Intrepid)
       Status: Triaged => Fix Committed

** Changed in: mediawiki (Ubuntu Hardy)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
       Status: Triaged => Incomplete

-- 
CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the 
web-based installer (config/index.php)
https://bugs.launchpad.net/bugs/348858
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

-- 
universe-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/universe-bugs

[Bug 348858] Re: CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php)

Reply via email to