UbuntuUpdates.org

Package "mediawiki-math"

Name: mediawiki-math

Description:

math rendering plugin for MediaWiki
Latest version: 1:1.15.5-7
Release: precise (12.04)
Level: base
Repository: universe
Head package: mediawiki
Homepage: http://www.mediawiki.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "mediawiki-math"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "mediawiki-math" in Precise

No other version of this package is available in the Precise release.

Changelog

Version: *DELETED* 2012-03-06 10:43:48 UTC
No changelog for deleted or moved packages.

Version: 1:1.15.5-7 2012-01-24 13:05:51 UTC

mediawiki (1:1.15.5-7) unstable; urgency=high

  * debian/patches/CVE-2011-4360.patch: remove – the information
    disclosure does not happen on 1.15 and the patch would not
    work anyway because the OutputPage object has no setTitle
    method (this prevents a PHP fatal error when someone has no
    permissions, instead reverting to the pre-1:1.15.5-4 behaviour
    of showing a page asking the user to log in)

 -- Thorsten Glaser Fri, 20 Jan 2012 17:13:28 +0100
Source diff to previous version
CVE-2011-4360 page titles on private wikis

Version: 1:1.15.5-5 2011-12-26 20:03:47 UTC

mediawiki (1:1.15.5-5) unstable; urgency=high

  * Security fixes from upstream:
    CVE-2011-1578 - XSS for IE <= 6
    CVE-2011-1579 - CSS validation error in wikitext parser
    CVE-2011-1580 - access control checks on transwiki import feature
    CVE-2011-1587 - fix incomplete patch for CVE-2011-1578

 -- Jonathan Wiltshire Sun, 18 Dec 2011 23:48:18 +0000
Source diff to previous version
CVE-2011-1578 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject ar
CVE-2011-1579 The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (C
CVE-2011-1580 The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform i
CVE-2011-1587 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject ar

Version: 1:1.15.5-4 2011-12-18 16:42:22 UTC

mediawiki (1:1.15.5-4) unstable; urgency=low

  [ Thorsten Glaser ]
  * debian/patches/fix_invalid_sql.patch: new (Closes: #615983)

  [ Jonathan Wiltshire ]
  * Security fixes from upstream (Closes: #650434):
    CVE-2011-4360 - page titles on private wikis could be exposed
    bypassing different page ids to index.php
    CVE-2011-4361 - action=ajax requests were dispatched to the
    relevant function without any read permission checks being done

 -- Jonathan Wiltshire Wed, 30 Nov 2011 22:42:52 +0000
615983 Fwd: [evolvis-Bug Reports][#1377] internal error effected by moving a page in a mediawiki - Debian Bug report logs
650434 mediawiki: two security issues (fixed in 1.17.1) - Debian Bug report logs
CVE-2011-4360 page titles on private wikis
CVE-2011-4361 lack of read permission checks

Version: *DELETED* 2011-12-18 14:32:55 UTC
No changelog for deleted or moved packages.


About   -   Send Feedback to @ubuntu_updates