[evolvis-commits] r18309: New upstream security release 1.15.5

mirabilos at evolvis.org mirabilos at evolvis.org
Wed Apr 11 11:16:28 CEST 2012


Author: mirabilos
Date: 2012-04-11 11:16:27 +0200 (Wed, 11 Apr 2012)
New Revision: 18309

Modified:
   trunk/mediawiki/debian/changelog
Log:
New upstream security release 1.15.5

Modified: trunk/mediawiki/debian/changelog
===================================================================
--- trunk/mediawiki/debian/changelog	2012-04-11 09:16:26 UTC (rev 18308)
+++ trunk/mediawiki/debian/changelog	2012-04-11 09:16:27 UTC (rev 18309)
@@ -1,11 +1,19 @@
-mediawiki (1:1.15.4-3) UNRELEASED; urgency=low
+mediawiki (1:1.15.5-1) UNRELEASED; urgency=high
 
+  [ Thorsten Glaser ]
   * debian/patches/suppress_warnings.patch: new, suppress warnings
     about session_start() being called twice also in the PHP error
     log, not just MediaWiki’s, for example run from FusionForge
 
- -- Thorsten Glaser <tg at mirbsd.de>  Wed, 28 Jul 2010 11:51:44 +0200
+  [ Jonathan Wiltshire ]
+  * New upstream security release:
+    - correctly set caching headers to prevent private data leakage
+         (closes: #590660, LP: #610782)
+    - fix XSS vulnerability in profileinfo.php
+         (closes: #590669, LP: #610819)
 
+ -- Jonathan Wiltshire <debian at jwiltshire.org.uk>  Wed, 28 Jul 2010 11:50:39 +0100
+
 mediawiki (1:1.15.4-2) unstable; urgency=low
 
   [ Thorsten Glaser ]



More information about the evolvis-commits mailing list