Comment 5 for bug 348858

This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2

---------------
mediawiki (1:1.13.3-1ubuntu2) jaunty; urgency=low

  * SECURITY UPDATE: Multiple cross-site scripting (XSS) vulnerabilities in
    the web-based installer (config/index.php). (LP: #348858)
    - CVE-2009-0737
    - debian/patches/CVE-2009-0737.patch
    - patch based on upstream patches for 1.13.4 and 1.13.5
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514547
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2009-February/000083.html

 -- Andreas Wenning <email address hidden> Thu, 26 Mar 2009 09:25:16 +0100