Skip to content

Debian Changelog mediawiki (1:1.15.1-1)

2009

mediawiki (1:1.15.1-1) unstable; urgency=low 

   * New upstream release.
   * Ack previous NMU, thanks to Nico Golde for taking care
     of this.

 -- Romain Beauxis <toots@rastageeks.org>  Sun, 09 Aug 2009 10:46:41 -0500

mediawiki (1:1.15.0-1.1) unstable; urgency=high 

   * Non-maintainer upload by the Security Team.
   * Fix cross-site scripting in [[Special:Block]]
     (No CVE id yet; XSS-no-CVE.patch; Closes: #537634).

 -- Nico Golde <nion@debian.org>  Sun, 26 Jul 2009 18:11:07 +0200

mediawiki (1:1.15.0-1) unstable; urgency=low 

   * New upstream release.
   * Upstream added support for OASIS documents.
   Closes: #530328
   * Refreshed quilt patches
   * Bumped standards versions to 3.8.2
   * Bumped compat to 7
   * Pointed to GPL-2 in debian/copyright
   * Added php5-sqlite to possible DB backend dependencies.
   Closes: #501569
   * Proofread README.Debian, upgrade is documented there.
   Closes: #520121

 -- Romain Beauxis <toots@rastageeks.org>  Fri, 19 Jun 2009 01:38:50 +0200

mediawiki (1:1.14.0-1) unstable; urgency=low 

   * New upstream release.
   * Fixed issues in the installer:
   "A number of cross-site scripting (XSS) security vulnerabilities were
    discovered in the web-based installer (config/index.php).
    These vulnerabilities all require a live installer once the installer
    has been used to install a wiki, it is deactivated.
 
    Note that cross-site scripting vulnerabilities can be used to attack
    any website in the same cookie domain. So if you have an uninstalled
    copy of MediaWiki on the same site as an active web service, MediaWiki
    could be used to attack the active service."
   Closes: #514547
   * Fixed typo in README.Debian
   Closes: #515192
   * Updated japanese debconf translation, thanks to Hideki Yamane
   Closes: #510896
   * Added a file in debian/copyright

 -- Romain Beauxis <toots@rastageeks.org>  Fri, 06 Mar 2009 20:29:17 +0100

2008

mediawiki (1:1.13.3-1) unstable; urgency=low 

   * New upstream release.
   * Fix CVE-2008-5249: XSS vulnerability in MediaWiki:
   "An XSS vulnerability affecting all MediaWiki installations between
    1.13.0 and 1.13.2."
   Closes: #508868
   * Fix CVE-2008-5250: several local script injection vulnerabilities
     in MediaWiki:
   "o A local script injection vulnerability affecting Internet Explorer
      clients for all MediaWiki installations with uploads enabled.
    o A local script injection vulnerability affecting clients with SVG
      scripting capability (such as Firefox 1.5+), for all MediaWiki
      installations with SVG uploads enabled."
   Closes: #508869
   * Fix CVE-2008-5252: CSRF vulnerability affecting the Special:Import
     feature in MediaWiki:
   "A CSRF vulnerability affecting the Special:Import feature, for all
    MediaWiki installations since the feature was introduced in 1.3.0."
   Closes: #508870

 -- Romain Beauxis <toots@rastageeks.org>  Thu, 18 Dec 2008 02:37:58 +0100

mediawiki (1:1.13.2-1) unstable; urgency=low 

   * New upstream release
   * Fix CVE-2008-4408: XSS in mediawiki:
     "Cross-site scripting (XSS) vulnerability allows remote attackers
      to inject arbitrary web script or HTML via the useskin parameter
      to an unspecified component."
   Closes: #501115

 -- Romain Beauxis <toots@rastageeks.org>  Sat, 11 Oct 2008 15:02:39 +0200

mediawiki (1:1.13.0-2) unstable; urgency=low 

   * Removed buggy postgresql patch
   Closes: #497042

 -- Romain Beauxis <toots@rastageeks.org>  Sat, 30 Aug 2008 14:06:47 +0200

mediawiki (1:1.13.0-1) unstable; urgency=low 

   * New upstream release
   * Fixed watch file. Closes: #490009
   * Refreshed patches
   * Bumped standard-version to 3.8.0
   * Fixed latex-related dependencies in mediawiki-math
   * Removed obsolete linda override, thanks lintian !

 -- Romain Beauxis <toots@rastageeks.org>  Sun, 17 Aug 2008 11:01:43 +0200

mediawiki (1:1.12.0-2) unstable; urgency=low 

   * Fixed postgresql dependency
   Closes: #472987
   * Added instructions to install and upgrade
   Closes: #472990, #472831

 -- Romain Beauxis <toots@rastageeks.org>  Mon, 24 Mar 2008 02:49:15 +0100

mediawiki (1:1.12.0-1) unstable; urgency=low 

   * New upstream release
   * Updated patch for postfix support: dropped what
     has been implemented upstream
   * Refreshed other patches, thanks to quilt
   * Changed postgresql recommends to "postgresql" package
   Closes: #469582

 -- Romain Beauxis <toots@rastageeks.org>  Mon, 24 Mar 2008 02:20:12 +0100

mediawiki (1:1.11.2-2) unstable; urgency=high 

   * Added patch to fix pgsql select, thanks to Marc Dequènes
   Closes: #469841
   * Upated README.Debian to mention php5-gd instead of php5-gd2
   and texlive-latex-base instead to tetex-bin.
   Closes: #469558
   * still setting urgency to high since previous upload didn't make it
   to testing.

 -- Romain Beauxis <toots@rastageeks.org>  Mon, 03 Mar 2008 13:58:57 +0100

mediawiki (1:1.11.2-1) unstable; urgency=high 

   * New upstream release
   * Security fix:
       "Possible cross-site information leaks using the callback
        parameter for JSON-formatted results in the API are prevented by
        dropping user credentials."
   * Added informations on LocalSettings.php in README.Debian
   Closes: #462609

 -- Romain Beauxis <toots@rastageeks.org>  Mon, 03 Mar 2008 13:16:27 +0100

mediawiki (1:1.11.1-1) unstable; urgency=high 

   * New upstream release
   * A potential XSS injection vector affecting
     Microsoft Internet Explorer users has been
     closed.

 -- Romain Beauxis <toots@rastageeks.org>  Sat, 26 Jan 2008 02:57:53 +0100

mediawiki (1:1.11.0-4) unstable; urgency=low 

   * Really add the patch for #459312
   * Added also patch to fix #459617
     Closes: #459617
   * Merged two previous patches

 -- Romain Beauxis <toots@rastageeks.org>  Fri, 18 Jan 2008 16:14:59 +0100

mediawiki (1:1.11.0-3) unstable; urgency=low 

   * Really remove debian specific scripts
   * Backported patch to fix unserialize with postgre
     Closes: #459312
   * Added finnish translation of the debconf templates, thanks to Esko
     Arajärvi. Closes: #456983
   * Updated standards to 3.7.3 (no changes)

 -- Romain Beauxis <toots@rastageeks.org>  Mon, 07 Jan 2008 15:03:15 +0100

2007

mediawiki (1:1.11.0-2) unstable; urgency=low 

   * Initial upload of 1.11.0 to unstable

 -- Romain Beauxis <toots@rastageeks.org>  Sat, 03 Nov 2007 16:39:47 +0100

mediawiki (1:1.11.0-1) experimental; urgency=low 

   * Removed mediawikiX versioned packages
   * Updated to mediawiki 1.11
   * Removed automatic upgrade script
   * Updated README.Debian (Closes: #442311, #442302)
   * Changed default upload directory (Closes: #444445)

 -- Romain Beauxis <toots@rastageeks.org>  Sun, 21 Oct 2007 20:54:00 +0200

mediawiki (1:1.10) unstable; urgency=low 

   * Switched to mediawiki1.10
   * Mediawiki1.10 recommends mediawiki-math (Closes: #428021)

 -- Romain Beauxis <toots@rastageeks.org>  Tue, 10 Jul 2007 19:29:01 +0200

mediawiki (1:1.9) unstable; urgency=low 

   * Switched to mediawiki1.9, closes: #392932
   * Corrected typo in control, closes: #414121
   * Seperated -math extension to a single package, closes: #401714

 -- Romain Beauxis <toots@rastageeks.org>  Thu, 12 Apr 2007 17:02:05 +0200

2006

mediawiki (1:1.7) unstable; urgency=low 

   * Initial Release

 -- Romain Beauxis <toots@rastageeks.org>  Mon, 6 Nov 2006 15:36:44 +0100

Generated Sun Aug 9 23:35:57 2009 UTC by Parse::DebianChangelog (v1.1.1)
Contact debian-www@lists.debian.org in case of problems.