[Secure-testing-team] Bug#861585: mediawiki: CVE-2017-0372 (included in security release 1.27.3 and 1.28.2)
Salvatore Bonaccorso
carnil at debian.org
Mon May 1 04:51:04 UTC 2017
Source: mediawiki
Version: 1:1.27.2-1
Severity: important
Tags: upstream security fixed-upstream
Hi
Due to a mistake in the packaging, cf. [1], the upstream releases
1.27.2 and 1.28.1 did not contain the fix for
https://phabricator.wikimedia.org/T158689 (which is CVE-2017-0372).
New releases were issued.
[1] https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000209.html
Regards,
Salvatore
More information about the Secure-testing-team
mailing list