[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#695986: marked as done (RFS: mediawiki/1:1.15.5-2squeeze4.1 [NMU] [RC])

Your message dated Tue, 18 Dec 2012 14:29:15 +0100
with message-id <20121218132915.GA30591@earth.ramacher.at>
and subject line Re: Bug#695986: RFS: mediawiki/1:1.15.5-2squeeze4.1 [NMU] [RC]
has caused the Debian Bug report #695986,
regarding RFS: mediawiki/1:1.15.5-2squeeze4.1 [NMU] [RC]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
695986: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695986
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package: sponsorship-requests
Severity: important

Dear mentors,

I am looking for a sponsor for my version 1:1.15.5-2squeeze4.1 of package 
"mediawiki". It is an upload for squeeze-security to fix the security 
issues in bug #694998. I ahve prepared a new upstream version for unstable 
which will migrate to testing shortly and I also backported the fixes to 
the version in squeeze. I have tested them in a clean squeeze chroot and 
they work fine.

Unfortunately, no-one in the pkg-mediawiki team actually seems to care for 
squeeze as, while my mail concerning unstable were answered, I 
still haven't received any comment whatsoever on the squeeze-security update
for several days.

Package name    : mediawiki
Version         : 1:1.15.5-2squeeze4.1
Section         : web

It builds those binary packages:

 mediawiki  - website engine for collaborative work
 mediawiki-math - math rendering plugin for MediaWiki

To access further information about this package, please visit the 
following URL:

  http://mentors.debian.net/package/mediawiki

Alternatively, one can download the package with dget using this 
command:

  dget -x http://mentors.debian.net/debian/pool/main/m/mediawiki/mediawiki_1.15.5-2squeeze4.1.dsc

Changes since the last upload:

 mediawiki (1:1.15.5-2squeeze4.1) squeeze-security; urgency=low

   * Non-maintainer upload.
   * Backported security fixes from upstream (Closes: #694998):
     + CVE-2012-5391, CVE-2012-5395
       Prevent session fixation in Special:UserLogin
     + Prevent linker regex from exceeding backtrack limit

I intentionally did not touch any lintian warning that were not introduced 
by these changes to make the changes to squeeze minimal and only 
security-related.

  Regards,
   Dominik George

- -- 
* mirabilos is handling my post-1990 smartphone *
<mirabilos> Aaah, it vibrates! Wherefor art thou, daemonic device??

PGP fingerprint: 2086 9A4B E67D 1DCD FFF6  F6C1 59FC 8E1D 6F2A 8001
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iQFOBAEBCAA4BQJQzEBDMRpodHRwczovL3d3dy5kb21pbmlrLWdlb3JnZS5kZS9n
cGctcG9saWN5LnR4dC5hc2MACgkQWfyOHW8qgAExrgf/V+WTlbGkAwFyUlbvwH5T
YWi+Fgjv824ZtHiefKQTQXxur0+8cWkOG96LPUu2PqByJ1j3LykzWU70yV+KbMZz
nTvB/pvPQGjpRZtJyi+d6QsujGpph+Ew06t39/eUcInGiuPGfimhyONIcZEwyRPr
i2X2pc1s7ozhZGWSz3KKyOil4qUcOCbFK8HnALqlUpXUeLVXVAK5rfvSOf4SFN0E
18xmw6nNls020HWDIefSNrSMLILjvykxVfDGt+hTnFWq97S9d9pz5CB/ij1bujdZ
YGsFgiJZ3lI4jbSRahnZAcx1aL8cL/SCB+8gpg8/0e1WWcKYe1vXusTmJLnigvNc
aA==
=SFAS
-----END PGP SIGNATURE-----

--- End Message ---
--- Begin Message --- 
1:1.15.5-2squeeze5 has been uploaded to s-p-u [1].

Regards

[1] http://packages.qa.debian.org/m/mediawiki/news/20121217T214705Z.html
-- 
Sebastian Ramacher

--- End Message ---
Reply to: