Subject: CVS commit: [pkgsrc-2012Q2] pkgsrc/www/mediawiki
From: Matthias Scheler
Date: 2012-09-09 18:20:12
Message id: 20120909162012.8FE8E175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3917 - requested by wen
www/mediawiki: security update

Revisions pulled up:
- www/mediawiki/Makefile                                        1.22
- www/mediawiki/PLIST                                           1.11
- www/mediawiki/distinfo                                        1.15

---
   Module Name:    pkgsrc
   Committed By:   wen
   Date:           Sun Sep  2 00:29:34 UTC 2012

   Modified Files:
           pkgsrc/www/mediawiki: Makefile PLIST distinfo

   Log Message:
   Update to 1.19.2
   It is a security update, fix CVE-2012-4377 CVE-2012-4378 CVE-2012-4379
   CVE-2012-4380 CVE-2012-4381 CVE-2012-4382.

   Upstream changes:
   Changes since 1.19.1
   (bug 39700) File: link to non-existing file can inject html
   (bug 39823) Hidden block text leaking to admins
   (bug 39184) LDAP password leakage
   (bug 39180) Disallow framing of api results
   (bug 37587) Enforce language codes to be html safe
   (bug 39824) Check global blocks on account creation
Files:
RevisionActionfile
1.21.2.1modifypkgsrc/www/mediawiki/Makefile
1.10.2.1modifypkgsrc/www/mediawiki/PLIST
1.14.2.1modifypkgsrc/www/mediawiki/distinfo