edwin 2005-12-20 20:52:18 UTC
FreeBSD ports repository
Modified files:
www/mediawiki Makefile distinfo
Log:
www/mediawiki update to 1.5.3 (security update)
Fixes a security issue: Validation of the user language
option was broken by a code change in May 2005, opening the
possibility of remote code execution as this parameter is
used in forming a class name dynamically created with eval().
The validation has been corrected in this version. All
prior 1.5 release and prelease versions are affected; 1.4
and earlier and not affected.
PR: ports/90335
Submitted by: Thomas Vogt <[EMAIL PROTECTED]>
Approved by: maintainer timeout
Revision Changes Path
1.18 +1 -1 ports/www/mediawiki/Makefile
1.15 +3 -2 ports/www/mediawiki/distinfo
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
