[Secure-testing-team] mediawiki: NMU to fix CVE-2008-5249, CVE-2008-5250, CVE-2008-5252
Giuseppe Iuculano
giuseppe at iuculano.it
Sun Jan 18 16:17:16 UTC 2009
Nico Golde ha scritto:
> Thanks for the work! I will check the patches during the
> next week. How much testing did this patch receive so far?
I'm testing this version (not in production), and for the moment I didn't find
any evident problems, but sure it requires more testing.
> I
> am somehow unhappy get such a huge patch as NMU without
> maintainer input.
I agree wit you, patch is huge but substantially this is the upstream backported
security patch[1] to mediawiki 1.12 branch.
Maintainer wrote[2] he is too busy and help from contributors is welcome.
P.S. CVE-2008-4408: not affected in etch
[1]http://svn.wikimedia.org/viewvc/mediawiki?view=rev&revision=44599
[2]http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508869#21
Cheers,
Giuseppe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090118/c8c0aca3/attachment.pgp
More information about the Secure-testing-team
mailing list