[mediawiki119/el6] Update to 1.19.12

Patrick Uiterwijk puiterwijk at fedoraproject.org
Fri Feb 28 22:16:10 UTC 2014 

commit dfb606b6696bc5f58ebddc4d0a1496da19195f4f
Author: Patrick Uiterwijk <puiterwijk at redhat.com>
Date:   Fri Feb 28 23:17:00 2014 +0100

    Update to 1.19.12
    
    - (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non- whitelisted namespace.
    - (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.

 .gitignore        |    1 +
 mediawiki119.spec |    9 +++++++--
 sources           |    3 +--
 3 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e84a3d9..ec5c5cc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,4 @@
 /mediawiki-1.19.10.tar.gz.sig
 /mediawiki-1.19.11.tar.gz
 /mediawiki-1.19.11.tar.gz.sig
+/mediawiki-1.19.12.tar.gz
diff --git a/mediawiki119.spec b/mediawiki119.spec
index 2896423..fee9a9a 100644
--- a/mediawiki119.spec
+++ b/mediawiki119.spec
@@ -3,8 +3,8 @@
 
 Summary: A wiki engine
 Name:    mediawiki119
-Version: 1.19.11
-Release: 2%{?dist}
+Version: 1.19.12
+Release: 1%{?dist}
 License: GPLv2+ and public domain and CC-BY-SA
 Group:   Development/Tools
 URL:     http://www.mediawiki.org/
@@ -115,6 +115,11 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Fri Feb 28 2014 Patrick Uiterwijk (LOCAL) <puiterwijk at redhat.com> - 1.19.12-1
+- Update to 1.19.12
+- (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non- whitelisted namespace.
+- (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
+
 * Tue Jan 28 2014 Patrick Uiterwijk <puiterwijk at redhat.com> - 1.19.11-2
 - Provide mediawiki (mainly for EL5)
 
diff --git a/sources b/sources
index 91cbbfe..488dfbe 100644
--- a/sources
+++ b/sources
@@ -1,2 +1 @@
-57aac78089efaed18c1c0059db1b306b  mediawiki-1.19.11.tar.gz
-ed6b39f15f5d4f763224e4d002eaa229  mediawiki-1.19.11.tar.gz.sig
+16c0923b0b7877cb515bfde60cd0d79e  mediawiki-1.19.12.tar.gz

More information about the scm-commits mailing list