SECURITY update to mediawiki 1.18.1; CVE-2012-0046; prop=revisions would

expose deleted text to unprivileged users through cache pollution.

ok Wen Heping (maintainer)

www/mediawiki/Makefile

@@ -1,16 +1,15 @@
-# $OpenBSD: Makefile,v 1.33 2012/01/11 22:27:26 sthen Exp $
+# $OpenBSD: Makefile,v 1.34 2012/01/23 09:47:38 sthen Exp $
 
 COMMENT =	web-based collaborative editing environment
 
-DISTNAME =	mediawiki-1.18.0
-REVISION =	0
+DISTNAME =	mediawiki-1.18.1
 CATEGORIES =	www
 
 HOMEPAGE =	http://www.mediawiki.org/
 
 MAINTAINER =	Wen Heping <wenheping@gmail.com>
 
-# GPLv2
+# GPLv2+
 PERMIT_PACKAGE_CDROM =	Yes
 PERMIT_PACKAGE_FTP =	Yes
 PERMIT_DISTFILES_CDROM =Yes

www/mediawiki/distinfo

@@ -1,5 +1,5 @@
-MD5 (mediawiki-1.18.0.tar.gz) = IdJWD/GnGjCceGx1OTGr4A==
-RMD160 (mediawiki-1.18.0.tar.gz) = noPn8H7hHaQ0ivsBp6rWNQEXau8=
-SHA1 (mediawiki-1.18.0.tar.gz) = T0Hrz5hoc2Ja4iZB2o3KdlQpFKc=
-SHA256 (mediawiki-1.18.0.tar.gz) = 2lIq3GWSgMWpWBPFcddve8VVlC4K46X22S6ahS4lIHc=
-SIZE (mediawiki-1.18.0.tar.gz) = 17018978
+MD5 (mediawiki-1.18.1.tar.gz) = 6kfvIPRyVOFg7VLgHvRAHA==
+RMD160 (mediawiki-1.18.1.tar.gz) = Bmhx9j04EgugmF9RaDUaamakV1g=
+SHA1 (mediawiki-1.18.1.tar.gz) = HEM1I6WuKDXpdGIFPgitfAHheNI=
+SHA256 (mediawiki-1.18.1.tar.gz) = 2dsWtPGLxDmE8yOtkPck7l/6UuHyHmxFO8jUsSEOGjQ=
+SIZE (mediawiki-1.18.1.tar.gz) = 17271798

www/mediawiki/pkg/PLIST

@@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.14 2011/12/21 14:00:34 jasper Exp $
+@comment $OpenBSD: PLIST,v 1.15 2012/01/23 09:47:38 sthen Exp $
 @pkgpath www/mediawiki
 mediawiki/
 mediawiki/COPYING
@@ -1640,6 +1640,7 @@ mediawiki/maintenance/oracle/archives/patch_create_17_functions.sql
 mediawiki/maintenance/oracle/archives/patch_fk_rename_deferred.sql
 mediawiki/maintenance/oracle/archives/patch_namespace_defaults.sql
 mediawiki/maintenance/oracle/archives/patch_rebuild_dupfunc.sql
+mediawiki/maintenance/oracle/archives/patch_recentchanges_fk2_cascade.sql
 mediawiki/maintenance/oracle/archives/patch_remove_not_null_empty_defs.sql
 mediawiki/maintenance/oracle/patch_seq_names_pre1.16.sql
 mediawiki/maintenance/oracle/tables.sql
@@ -1685,6 +1686,8 @@ mediawiki/maintenance/postgres/archives/patch-ts2pagetitle.sql
 mediawiki/maintenance/postgres/archives/patch-tsearch2funcs.sql
 mediawiki/maintenance/postgres/archives/patch-update_sequences.sql
 mediawiki/maintenance/postgres/archives/patch-updatelog.sql
+mediawiki/maintenance/postgres/archives/patch-uploadstash.sql
+mediawiki/maintenance/postgres/archives/patch-uploadstash_sequence.sql
 mediawiki/maintenance/postgres/archives/patch-user_former_groups.sql
 mediawiki/maintenance/postgres/archives/patch-user_properties.sql
 mediawiki/maintenance/postgres/archives/patch-valid_tag.sql
@@ -2227,6 +2230,9 @@ mediawiki/skins/common/images/public-domain.png
 mediawiki/skins/common/images/redirectltr.png
 mediawiki/skins/common/images/redirectrtl.png
 mediawiki/skins/common/images/remove.png
+mediawiki/skins/common/images/sort_both.gif
+mediawiki/skins/common/images/sort_down.gif
+mediawiki/skins/common/images/sort_up.gif
 mediawiki/skins/common/images/spinner.gif
 mediawiki/skins/common/images/tick-32.png
 mediawiki/skins/common/images/tipsy-arrow.gif
@@ -2597,6 +2603,7 @@ mediawiki/tests/qunit/suites/resources/jquery/jquery.byteLength.js
 mediawiki/tests/qunit/suites/resources/jquery/jquery.byteLimit.js
 mediawiki/tests/qunit/suites/resources/jquery/jquery.client.js
 mediawiki/tests/qunit/suites/resources/jquery/jquery.colorUtil.js
+mediawiki/tests/qunit/suites/resources/jquery/jquery.delayedBind.test.js
 mediawiki/tests/qunit/suites/resources/jquery/jquery.getAttrs.js
 mediawiki/tests/qunit/suites/resources/jquery/jquery.localize.js
 mediawiki/tests/qunit/suites/resources/jquery/jquery.mwPrototypes.js