Bug 134115

Summary:	www-apps/mediawiki-1.6.x (x<6) : XSS vuln
Product:	Gentoo Security	Reporter:	Raphael Marichez (Falco) (RETIRED) <falco>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	tchiwam, trapni
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://bugzilla.wikimedia.org/show_bug.cgi?id=6055
Whiteboard:	B4 [noglsa] Falco
Package list:		Runtime testing required:	---

Description Raphael Marichez (Falco) (RETIRED) gentoo-dev

2006-05-23 07:48:26 UTC

XSS vuln in the 1.6.x branch, <1.6.6

There will be no GLSA since 1.6.x is still ~arched.

1.6.6 is available http://www.mediawiki.org/wiki/Download. Trapni, Tchiwam, please provide a new ebuild :)

Comment 1 Philippe Trottier (RETIRED) gentoo-dev

2006-05-23 08:49:29 UTC

I can take this, seems to be only an ebuild rename.

Comment 2 Philippe Trottier (RETIRED) gentoo-dev

2006-05-23 08:57:47 UTC

commited ebuild mediawiki-1.6.6.ebuild, I will leave trapni to close the bug as he commited the 1.6.x and he might know more than me. After testing and reading around  I can't find why this would not be as good as the previous ebuild.

Comment 3 Raphael Marichez (Falco) (RETIRED) gentoo-dev

2006-05-23 11:00:05 UTC

thanks tchiwam !

it's the sec-team job to close security bugs. Since the ebuild is commited, i close the bug. Feel free to reopen if any trouble.

Comment 4 Christian Parpart (RETIRED) gentoo-dev

2006-05-30 00:26:35 UTC

thanks philippe