Debian Package Tracker

From: Thijs Kinkhorst <thijs@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted mediawiki 1:1.19.20+dfsg-2.3 (source all) into unstable
Date: Mon, 06 Apr 2015 17:20:59 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 06 Apr 2015 16:53:54 +0000
Source: mediawiki
Binary: mediawiki mediawiki-classes
Architecture: source all
Version: 1:1.19.20+dfsg-2.3
Distribution: unstable
Urgency: high
Maintainer: Mediawiki Maintenance Team <pkg-mediawiki-devel@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
 mediawiki  - website engine for collaborative work
 mediawiki-classes - website engine for collaborative work - standalone classes
Changes:
 mediawiki (1:1.19.20+dfsg-2.3) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Add patch fixing several security issues:
     - (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that
        contain XML entities, to prevent various DoS attacks.
     - (bug T88310) SECURITY: Always expand xml entities when checking
       SVG's.
     - (bug T73394) SECURITY: Escape > in Html::expandAttributes to
       prevent XSS.
     - (bug T85855) SECURITY: Don't execute another user's CSS or JS
       on preview.
     - (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues
       fixed in SVG filtering to prevent XSS and protect viewer's
       privacy.
Checksums-Sha1:
 80dba7b9ee2eeece7a918642cdb79a0ea4dc6188 1786 mediawiki_1.19.20+dfsg-2.3.dsc
 0a10955bba150af86b8e5ca6cd3593bd697d5e96 69440 mediawiki_1.19.20+dfsg-2.3.debian.tar.xz
 4df817993bc832fe12feaff4d296a8db3fb16140 11787802 mediawiki_1.19.20+dfsg-2.3_all.deb
 546aaa6e59221f0702917c9da2d1e79d42f1fa1b 238972 mediawiki-classes_1.19.20+dfsg-2.3_all.deb
Checksums-Sha256:
 64a4fe8269e95497be9e118442e9c5177856f78aa51607b65b2b9032f0220a9a 1786 mediawiki_1.19.20+dfsg-2.3.dsc
 5e42586bb35af3daeb5a85f47caf0e50684c1f36644e2772802d6b7919f48948 69440 mediawiki_1.19.20+dfsg-2.3.debian.tar.xz
 2014a4a85d68cd3ac000c18c5867b157fdcd8abf6719dc8bd4ef605bf131df79 11787802 mediawiki_1.19.20+dfsg-2.3_all.deb
 00cba4b2a8117f70dd347e0729671f2370eba13988acad55f3442f12e0c1f344 238972 mediawiki-classes_1.19.20+dfsg-2.3_all.deb
Files:
 c19a7b5a12cc1828603806a838312cde 1786 web optional mediawiki_1.19.20+dfsg-2.3.dsc
 909a19d9d9dc5a0af18c7b4d574f3788 69440 web optional mediawiki_1.19.20+dfsg-2.3.debian.tar.xz
 98896f2bb819b4eb0908638b7b3c9f6d 11787802 web optional mediawiki_1.19.20+dfsg-2.3_all.deb
 edbde0bd777eb1d7b88ead9af1957695 238972 web optional mediawiki-classes_1.19.20+dfsg-2.3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJVIr72AAoJEFb2GnlAHawEDd0H/iPF2eSdQUZWl0Vva/a4QQoC
L3CFVn3HAwG6UZ2Gvl71IXiXy4kxL+8hN1vHCLiX1fAqftsyLmex61hHIOdWW3St
YpYq+Yqz/M2/ILePZGdBZ7OrQZwTCL5IS04uxwQYRkOsmdLoP5hKwdDeL6wKbrSJ
sJEjKnAtEBLJz42Xb5XPG8zQ9BCdARKuWsvnKAJtzsCt5xTOF5ATK2RchOnp4ajP
pV/9n93pZ9IMjes13msV+BPtTpJCw8Y6polSfcXrySGzKy954WxhC1xr70ijGgnH
Qk1PapcyAcgx+JjGHUiaU8qQOEGNDwF++3pP4deEgD/4mPlDQrbeaHmACG54J1I=
=CL/d
-----END PGP SIGNATURE-----
News for package mediawiki
