[Pkg-mediawiki-devel] Bug#677895: CVE-2012-2698: unescaped lang and dir
Luk Claes
luk at debian.org
Sun Jun 17 15:01:59 UTC 2012
Package: mediawiki
Severity: important
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for mediawiki.
CVE-2012-2698
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For a patch see:
https://bugzilla.wikimedia.org/show_bug.cgi?id=36938
https://gerrit.wikimedia.org/r/#/c/7979/
Note that for older versions you might need to use lang and dir instead
of userlang and userdir.
For further information see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2698
http://security-tracker.debian.org/tracker/CVE-2012-2698
Cheers
Luk
More information about the Pkg-mediawiki-devel
mailing list