Comment 9 for bug 603740

This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.7

---------------
mediawiki (1:1.11.2-2ubuntu0.7) hardy-security; urgency=low

  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - CVE-2010-1190
    - debian/patches/DataLeakage-CVE-2010-1190.patch
    - patch based on upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
    - LP: #603740
 -- Andreas Wenning <email address hidden> Fri, 09 Jul 2010 22:38:34 +0200