[Pkg-mediawiki-devel] Bug#508868: CVE-2008-5249: XSS vulnerability in MediaWiki
Raphael Geissert
atomo64 at gmail.com
Tue Dec 16 04:46:52 UTC 2008
Package: mediawiki
Version: 1:1.13.2-1
Severity: grave
Tags: security patch
Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for
mediawiki.
[0]:
> * An XSS vulnerability affecting all MediaWiki installations between
> 1.13.0 and 1.13.2. [CVE-2008-5249]
A patch fixing this and other issues can be found at [0].
If you fix the vulnerability please also make sure to include the CVE id in
the changelog entry.
[0]http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.html
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249
http://security-tracker.debian.net/tracker/CVE-2008-5249
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-mediawiki-devel/attachments/20081215/0a92b19a/attachment.pgp
More information about the Pkg-mediawiki-devel
mailing list