Viewing all changes in revision 32.
- Committer: Package Import Robot
- Date: 2011-11-30 22:42:52 UTC
- mfrom: (16.1.12 sid)
- Revision ID: package-import@ubuntu.com-20111130224252-zhag0n99qzf8jc7x
[ Thorsten Glaser ]
* debian/patches/fix_invalid_sql.patch: new (Closes: #615983)
[ Jonathan Wiltshire ]
* Security fixes from upstream (Closes: #650434):
CVE-2011-4360 - page titles on private wikis could be exposed
bypassing different page ids to index.php
CVE-2011-4361 - action=ajax requests were dispatched to the
relevant function without any read permission checks being done
* debian/patches/fix_invalid_sql.patch: new (Closes: #615983)
[ Jonathan Wiltshire ]
* Security fixes from upstream (Closes: #650434):
CVE-2011-4360 - page titles on private wikis could be exposed
bypassing different page ids to index.php
CVE-2011-4361 - action=ajax requests were dispatched to the
relevant function without any read permission checks being done
- files added:
- .pc/CVE-2011-4360.patch
- .pc/CVE-2011-4360.patch/includes
- .pc/CVE-2011-4361.patch
- .pc/CVE-2011-4361.patch/includes
- .pc/fix_invalid_sql.patch
- .pc/fix_invalid_sql.patch/includes
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
