← Back to team overview

registry team mailing list archive

  1. registry team
  2. Mailing list archive
  3. Message #07885

[Bug 603740] Re: [CVE-2010-1190] Data leakage vulnerability in thumb.php

  Thread PreviousDate PreviousThread Next 
This bug was fixed in the package mediawiki - 1:1.15.0-1.1ubuntu0.4

---------------
mediawiki (1:1.15.0-1.1ubuntu0.4) karmic-security; urgency=low

  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - CVE-2010-1190
    - debian/patches/DataLeakage-CVE-2010-1190.patch
    - patch from upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
    - LP: #603740
 -- Andreas Wenning <awen@xxxxxxx>   Fri, 09 Jul 2010 22:23:06 +0200

** Changed in: mediawiki (Ubuntu Karmic)
       Status: Fix Committed => Fix Released

** Changed in: mediawiki (Ubuntu Jaunty)
       Status: Fix Committed => Fix Released

-- 
[CVE-2010-1190] Data leakage vulnerability in thumb.php
https://bugs.launchpad.net/bugs/603740
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.
  Thread PreviousDate PreviousThread Next