2011-01-04 23:34:50 |
Jonathan Wiltshire |
bug |
|
|
added bug |
2011-01-04 23:34:50 |
Jonathan Wiltshire |
attachment added |
|
CVE-2011-0003.patch https://bugs.launchpad.net/bugs/697451/+attachment/1783716/+files/CVE-2011-0003.patch |
|
2011-01-04 23:36:44 |
Jonathan Wiltshire |
bug watch added |
|
https://bugzilla.wikipedia.org/show_bug.cgi?id=26561 |
|
2011-01-04 23:36:44 |
Jonathan Wiltshire |
bug task added |
|
mediawiki |
|
2011-01-04 23:37:14 |
Jonathan Wiltshire |
description |
Binary package hint: mediawiki
A clickjacking vulnerability was reported in MediaWiki [1]. This could allow a
malicious web site to compromise the account of the user visiting a
MediaWiki-based web site (an attack similar to cross-site scripting). For full
protection, a user needs to be using a browser that supports the
X-Frame-Options feature [2].
MediaWiki 1.16.1 [3] has been released to correct this flaw. For MediaWiki
1.15.x and earlier, a patch [4] is available which denies all framing.
[1] https://bugzilla.wikimedia.org/show_bug.cgi?id=CVE-2011-0003
[2] https://developer.mozilla.org/en/the_x-frame-options_response_header
[3]
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_1/phase3/RELEASE-NOTES
[4] http://www.mediawiki.org/wiki/Special:Code/MediaWiki/79566 |
Binary package hint: mediawiki
A clickjacking vulnerability was reported in MediaWiki [1]. This could allow a
malicious web site to compromise the account of the user visiting a
MediaWiki-based web site (an attack similar to cross-site scripting). For full
protection, a user needs to be using a browser that supports the
X-Frame-Options feature [2].
MediaWiki 1.16.1 [3] has been released to correct this flaw. For MediaWiki
1.15.x and earlier, a patch [4] is available which denies all framing.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0003
[2] https://developer.mozilla.org/en/the_x-frame-options_response_header
[3]
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_1/phase3/RELEASE-NOTES
[4] http://www.mediawiki.org/wiki/Special:Code/MediaWiki/79566
|
|
2011-01-04 23:38:01 |
Jonathan Wiltshire |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=667201 |
|
2011-01-04 23:38:01 |
Jonathan Wiltshire |
bug task added |
|
mediawiki (Fedora) |
|
2011-01-04 23:40:07 |
Jonathan Wiltshire |
bug task added |
|
mediawiki (Debian) |
|
2011-01-04 23:40:21 |
Jonathan Wiltshire |
mediawiki (Debian): status |
New |
In Progress |
|
2011-01-05 13:57:26 |
Jonathan Wiltshire |
bug watch added |
|
https://bugzilla.wikipedia.org/show_bug.cgi?id=26561 |
|
2011-01-10 09:43:16 |
Jonathan Wiltshire |
mediawiki (Debian): status |
In Progress |
Fix Released |
|
2011-01-10 09:43:21 |
Jonathan Wiltshire |
mediawiki (Ubuntu): status |
New |
In Progress |
|
2011-01-10 09:54:48 |
Jonathan Wiltshire |
bug watch added |
|
https://bugzilla.wikimedia.org/show_bug.cgi?id=26561 |
|
2011-01-10 09:56:34 |
Jonathan Wiltshire |
cve linked |
|
2011-0003 |
|
2011-01-11 21:00:41 |
Jamie Strandboge |
visibility |
private |
public |
|
2011-01-11 21:02:02 |
Jamie Strandboge |
mediawiki (Ubuntu): status |
In Progress |
Confirmed |
|
2011-01-11 21:03:15 |
Jamie Strandboge |
mediawiki (Ubuntu): importance |
Undecided |
Medium |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Karmic |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
bug task added |
|
mediawiki (Ubuntu Karmic) |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Lucid |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
bug task added |
|
mediawiki (Ubuntu Lucid) |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Natty |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
bug task added |
|
mediawiki (Ubuntu Natty) |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Maverick |
|
2011-01-11 21:05:05 |
Jamie Strandboge |
bug task added |
|
mediawiki (Ubuntu Maverick) |
|
2011-01-11 21:05:58 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Hardy |
|
2011-01-11 21:05:58 |
Jamie Strandboge |
bug task added |
|
mediawiki (Ubuntu Hardy) |
|
2011-01-11 21:06:33 |
Jamie Strandboge |
mediawiki (Ubuntu Natty): status |
Confirmed |
Fix Released |
|
2011-01-11 21:07:11 |
Jamie Strandboge |
mediawiki (Ubuntu Lucid): status |
New |
Confirmed |
|
2011-01-11 21:07:15 |
Jamie Strandboge |
mediawiki (Ubuntu Lucid): importance |
Undecided |
Medium |
|
2011-01-11 21:07:22 |
Jamie Strandboge |
mediawiki (Ubuntu Maverick): status |
New |
Confirmed |
|
2011-01-11 21:07:28 |
Jamie Strandboge |
mediawiki (Ubuntu Maverick): importance |
Undecided |
Medium |
|
2011-01-11 21:07:33 |
Jamie Strandboge |
mediawiki (Ubuntu Karmic): status |
New |
Confirmed |
|
2011-01-11 21:07:38 |
Jamie Strandboge |
mediawiki (Ubuntu Karmic): importance |
Undecided |
Medium |
|
2011-10-14 19:03:45 |
Jamie Strandboge |
mediawiki (Ubuntu Karmic): status |
Confirmed |
Won't Fix |
|
2011-10-14 19:04:02 |
Jamie Strandboge |
mediawiki (Ubuntu Hardy): status |
New |
Won't Fix |
|
2011-10-14 19:06:13 |
Jamie Strandboge |
mediawiki: status |
Unknown |
Incomplete |
|
2011-10-14 19:06:14 |
Jamie Strandboge |
mediawiki (Ubuntu): status |
Fix Released |
Incomplete |
|
2011-10-14 19:06:17 |
Jamie Strandboge |
mediawiki (Ubuntu Lucid): status |
Confirmed |
Incomplete |
|
2011-10-14 19:06:18 |
Jamie Strandboge |
mediawiki (Ubuntu Maverick): status |
Confirmed |
Incomplete |
|
2011-10-14 19:06:20 |
Jamie Strandboge |
mediawiki (Ubuntu Natty): status |
Fix Released |
Incomplete |
|
2011-10-14 19:06:21 |
Jamie Strandboge |
mediawiki (Ubuntu Hardy): status |
Won't Fix |
Incomplete |
|
2011-10-14 19:06:23 |
Jamie Strandboge |
mediawiki (Ubuntu Karmic): status |
Won't Fix |
Incomplete |
|
2011-10-14 19:07:22 |
Jamie Strandboge |
mediawiki (Fedora): status |
Unknown |
Incomplete |
|
2011-10-14 19:12:09 |
Jamie Strandboge |
mediawiki: importance |
Unknown |
Undecided |
|
2011-10-14 19:12:09 |
Jamie Strandboge |
mediawiki: status |
Incomplete |
New |
|
2011-10-14 19:12:09 |
Jamie Strandboge |
mediawiki: remote watch |
MediaWiki bug tracker #26561 |
|
|
2011-10-14 19:12:27 |
Jamie Strandboge |
mediawiki: importance |
Undecided |
Unknown |
|
2011-10-14 19:12:27 |
Jamie Strandboge |
mediawiki: status |
New |
Unknown |
|
2011-10-14 19:12:27 |
Jamie Strandboge |
mediawiki: remote watch |
|
MediaWiki bug tracker #26561 |
|
2011-10-14 19:12:48 |
Jamie Strandboge |
mediawiki (Ubuntu Lucid): status |
Incomplete |
Fix Released |
|
2011-10-14 19:13:01 |
Jamie Strandboge |
mediawiki (Ubuntu Natty): status |
Incomplete |
Fix Released |
|
2011-10-14 19:13:19 |
Jamie Strandboge |
mediawiki (Ubuntu Lucid): status |
Fix Released |
Incomplete |
|
2011-10-14 19:13:25 |
Jamie Strandboge |
mediawiki (Ubuntu Karmic): status |
Incomplete |
Won't Fix |
|
2011-10-14 19:13:28 |
Jamie Strandboge |
mediawiki (Ubuntu Hardy): status |
Incomplete |
Won't Fix |
|
2011-10-14 19:13:31 |
Jamie Strandboge |
mediawiki (Ubuntu): status |
Incomplete |
Fix Released |
|
2012-04-13 08:49:39 |
Bug Watch Updater |
mediawiki: status |
Unknown |
Fix Released |
|
2012-04-13 08:49:39 |
Bug Watch Updater |
mediawiki: importance |
Unknown |
High |
|
2012-04-23 22:19:57 |
Jamie Strandboge |
mediawiki (Ubuntu): status |
Fix Released |
Invalid |
|
2012-04-23 22:20:00 |
Jamie Strandboge |
mediawiki (Ubuntu Lucid): status |
Incomplete |
Invalid |
|
2012-04-23 22:20:03 |
Jamie Strandboge |
mediawiki (Ubuntu Maverick): status |
Incomplete |
Invalid |
|
2012-04-23 22:20:06 |
Jamie Strandboge |
mediawiki (Ubuntu Natty): status |
Fix Released |
Invalid |
|
2012-04-23 22:20:08 |
Jamie Strandboge |
mediawiki (Ubuntu Hardy): status |
Won't Fix |
Invalid |
|
2012-04-23 22:20:11 |
Jamie Strandboge |
mediawiki (Ubuntu Karmic): status |
Won't Fix |
Invalid |
|
2012-04-23 22:21:12 |
Jamie Strandboge |
mediawiki (Fedora): status |
Incomplete |
Invalid |
|
2017-10-27 16:28:12 |
Bug Watch Updater |
mediawiki (Fedora): status |
Invalid |
Fix Released |
|
2017-10-27 16:28:12 |
Bug Watch Updater |
mediawiki (Fedora): importance |
Unknown |
Medium |
|