Bug 14212 - mediawiki new security issue fixed upstream in 1.23.5
Summary: mediawiki new security issue fixed upstream in 1.23.5
Status: RESOLVED DUPLICATE of bug 14182
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact: Sec team
URL:
Whiteboard: MGA3TOO
Keywords:
Depends on:
Blocks:
 
Reported: 2014-10-02 02:35 CEST by David Walser
Modified: 2014-10-02 14:43 CEST (History)
0 users

See Also:
Source RPM: mediawiki-1.23.4-1.mga4.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2014-10-02 02:35:18 CEST 
Upstream has announced version 1.23.5 on October 1:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html

I haven't seen a CVE request yet.

I'll hold off on an advisory for now, so see the upstream one.

I've checked it into SVN for Mageia 3, Mageia 4, and Cauldron, and sent a freeze push request.

Reproducible: 

Steps to Reproduce:
David Walser 2014-10-02 02:35:25 CEST

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2014-10-02 14:35:41 CEST 
CVE request:
http://www.openwall.com/lists/oss-security/2014/10/02/29

I've pushed this to the build system and the previous update isn't pushed, so we'll have to handle QA testing it in the other bug (Bug 14182).

Depends on: (none) => 14182

David Walser 2014-10-02 14:43:09 CEST

Depends on: 14182 => (none)

Comment 2 David Walser 2014-10-02 14:43:41 CEST 
Actually I'll just mark this as a duplicate.

*** This bug has been marked as a duplicate of bug 14182 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE
Note You need to log in before you can comment on or make changes to this bug.