-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 3.0 (quilt) Source: mediawiki Binary: mediawiki, mediawiki-classes Architecture: all Version: 1:1.19.20+dfsg-2.2 Maintainer: Mediawiki Maintenance Team <[email protected]> Uploaders: Jonathan Wiltshire <[email protected]> Homepage: http://www.mediawiki.org/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-mediawiki/mediawiki/trunk/ Vcs-Svn: svn://anonscm.debian.org/pkg-mediawiki/mediawiki/trunk/ Build-Depends: debhelper (>= 9), dh-buildinfo, ocaml-nox | ocaml, xsltproc, docbook-xml, docbook-xsl, po-debconf Package-List: mediawiki deb web optional arch=all mediawiki-classes deb web optional arch=all Checksums-Sha1: d6f73d41b4c1cdc88870dadfc32405f7f149c054 11632368 mediawiki_1.19.20+dfsg.orig.tar.xz 3a36c7f75d1e01e2241504da9fba99a8460a104c 63476 mediawiki_1.19.20+dfsg-2.2.debian.tar.xz Checksums-Sha256: 0c263ad5e869bbb94c5d4901f89795c52a45fc59a7c6b2fbcac67a9935f3c544 11632368 mediawiki_1.19.20+dfsg.orig.tar.xz 5aee5c1f8b283e5f55e1d699433e0ac778fc7c15d40b9a1b5a9c760e14f5e0e0 63476 mediawiki_1.19.20+dfsg-2.2.debian.tar.xz Files: bfd6477e017ae32c787d16adddac66a2 11632368 mediawiki_1.19.20+dfsg.orig.tar.xz 53e5e484ad1bced1a7685e2a1741ee04 63476 mediawiki_1.19.20+dfsg-2.2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJUlrlhAAoJEBC+iYPz1Z1kbucIAKo4j8yLUlwUQEBS/3DYujpG qucbV4iksz/nr+v+Ltjok72+sYSvBZeNu2SxoOj8QZULeWgvQMP3VtG3AtxhBSwX gBiyFKk0PT9GgNzn/5QteE2SQL0fxPsZXO5nI/HegS0FBut3AaEU2mP2inTyTQ1B qMg84v1Z6XVJRhZOUPSX4VWCeNUdfXdSBEWNRxewOpq0lGL99viFzuU9JEUhsDX5 7lLpnTnksp8xF7y1P7HbOaxRhcSRQor7h0++nL5h60MPCiYsBvSpKA4IPmdxO3Vy 9qNqNRsyJQjSQAPP9PC1Tq7nDRrw08wXvaZlK/0qSWQCIBXmD2t2i4fFK1ro8i8= =qSBG -----END PGP SIGNATURE----- Changes: mediawiki (1:1.19.20+dfsg-2.2) unstable; urgency=medium * Non-maintainer upload. * Add patch fixing T76686: thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this. -- Sebastien Delafond <[email protected]> Sun, 21 Dec 2014 13:11:10 +0100
