1
Candidate: CVE-2015-2934
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2934
5
https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
6
http://www.openwall.com/lists/oss-security/2015/04/01/1
8
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 does
9
not properly handle when the Zend interpreter xml_parse function does not
10
expand entities, which allows remote attackers to inject arbitrary web
11
script or HTML via a crafted SVG file.
20
upstream_mediawiki: released (1:1.19.20+dfsg-2.3)
21
lucid_mediawiki: ignored (reached end-of-life)
22
precise_mediawiki: ignored (reached end-of-life)
23
precise/esm_mediawiki: DNE (precise was needed)
24
trusty_mediawiki: needed
25
utopic_mediawiki: ignored (reached end-of-life)
26
vivid_mediawiki: ignored (reached end-of-life)
27
vivid/stable-phone-overlay_mediawiki: DNE
28
vivid/ubuntu-core_mediawiki: DNE
29
wily_mediawiki: ignored (reached end-of-life)
31
yakkety_mediawiki: ignored (reached end-of-life)
32
zesty_mediawiki: ignored (reached end-of-life)
33
artful_mediawiki: needed
34
bionic_mediawiki: needed
35
devel_mediawiki: needed