From https://secunia.com/advisories/51424/ : Description Multiple vulnerabilities have been reported in MediaWiki, which can be exploited by malicious users and malicious people to bypass certain security restrictions. 1) Some unspecified errors can be exploited to gain access to another user's account. 2) An unspecified error can be exploited to prevent access to e.g. the "Special:RecentChanges" page. The vulnerabilities are reported in versions prior to 1.18.6, 1.19.3, and 1.20.1. Solution Versions 1.18.6, 1.19.3, and 1.20.1 are scheduled to be release on November 29th, 2012 between 21:00-22:00 UTC. Provided and/or discovered by Reported by the vendor. Original Advisory http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-November/000121.html
Security bumps added to CVS. Feel free to stabilize 1.19.3.
(In reply to comment #1) > Security bumps added to CVS. Feel free to stabilize 1.19.3. Thanks, Tim. Arches, please test and mark stable: =www-apps/mediawiki-1.19.3 Target KEYWORDS: "amd64 ppc x86"
amd64 stable
ppc stable
x86 done, last arch.
Thanks, everyone. GLSA vote: no.
Thanks, folks. GLSA Vote: no too, closing noglsa.