[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#217571: security note

	Hi Joey!

Le Samedi 30 Juillet 2005 04:51, Joey Hess a écrit :
> Note that a number of security holes have been found in mediawiki over
> the last year. The latest one, CAN-2005-2396 is a cross-site-scripting
> hole affecting version 1.4.6 and earlier.
> (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2396)
> A few others include CAN-2005-1245, CAN-2005-0536, CAN-2005-0535,
> CAN-2005-0534, CAN-2004-1405, CAN-2004-2152.

Thank you for this warning.
I've search for security holes there: 
And it appears that all bugs that are known yet affect versions 1.4.6 and 
earlier, but the upstream we are actually working on is the 1.4.7, so it 
seems that for now we don't have to do anything on it.


   You can fool some people sometimes,
   But you can't fool all the people all the time.

Attachment: pgpXFq7efZy9L.pgp
Description: PGP signature

Reply to: