oss-sec mailing list archives
clarification on CVE-2008-5687 (mediawiki)
From: Nico Golde <oss-security+ml () ngolde de>
Date: Wed, 7 Jan 2009 18:57:42 +0100
Hi, the CVE id descriptions says: "MediaWiki 1.11 through 1.13.3 does not properly protect..." while the referenced upstream announce announces 1.13.3 as a security update for 1.13.2. So it doesn't look like 1.13.3 is affected. Also looking at the patch it turns out that 1.13.3 is fixing this by adding an htaccess file. The CVE id description should get an update. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- clarification on CVE-2008-5687 (mediawiki) Nico Golde (Jan 07)
- Re: clarification on CVE-2008-5687 (mediawiki) Steven M. Christey (Jan 07)