CVE-2009-4589 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4589): Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter.
Package was already bumped, calling arches.
Arches, please test and mark stable: =www-apps/mediawiki-1.14.1 Target keywords : "amd64 ppc sparc x86" Already stabled : "ppc" Missing keywords: "amd64 sparc x86" =www-apps/mediawiki-1.15.1 Target keywords : "amd64 ppc sparc x86"
x86 stable
amd64 stable
Marked ppc stable.
sparc stable
+ 12 Aug 2010; Alex Legler <a3li@gentoo.org> -mediawiki-1.11.2.ebuild, + -mediawiki-1.12.3.ebuild, -mediawiki-1.13.3.ebuild, + -mediawiki-1.13.5.ebuild, -mediawiki-1.14.0.ebuild, + -mediawiki-1.15.1.ebuild: + Non-maintainer commit: Removing vulnerable versions for bug 300220. + Closing noglsa.