~ubuntu-branches/debian/squeeze/mediawiki/squeeze

Viewing all changes in revision 29.

Committer: Package Import Robot
Author(s): Jonathan Wiltshire, Dominik George
Date: 2012-12-16 17:53:38 UTC
Revision ID: package-import@ubuntu.com-20121216175338-yww3xg2e3svd4gqr

Tags: 1:1.15.5-2squeeze5

http://bugs.debian.org/694998

[ Dominik George ]
* Security fixes from upstream (Closes: #694998):
- CVE-2012-5391 - Prevent session fixation in Special:UserLogin
- Prevent linker regex from exceeding backtrack limit

files added:
.pc/.quilt_patches

.pc/.quilt_series

.pc/CVE-2012-5391.patch

.pc/CVE-2012-5391.patch/includes

.pc/CVE-2012-5391.patch/includes/specials

.pc/CVE-2012-5391.patch/includes/specials/SpecialUserlogin.php

.pc/pcre-linker-backtrack.patch

.pc/pcre-linker-backtrack.patch/includes

.pc/pcre-linker-backtrack.patch/includes/Linker.php

debian/patches/CVE-2012-5391.patch

debian/patches/pcre-linker-backtrack.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

includes/Linker.php

includes/specials/SpecialUserlogin.php

expand all

Show diffs side-by-side

added added

removed removed

.pc/.quilt_patches

.pc/.quilt_series

.pc/CVE-2012-5391.patch/

.pc/CVE-2012-5391.patch/includes/

.pc/CVE-2012-5391.patch/includes/specials/

.pc/CVE-2012-5391.patch/includes/specials/SpecialUserlogin.php

.pc/applied-patches

.pc/pcre-linker-backtrack.patch/

.pc/pcre-linker-backtrack.patch/includes/

.pc/pcre-linker-backtrack.patch/includes/Linker.php

debian/changelog

debian/patches/CVE-2012-5391.patch

debian/patches/pcre-linker-backtrack.patch

debian/patches/series

includes/Linker.php

includes/specials/SpecialUserlogin.php

Older »