Re: pkg/41789: Update www/mediawiki 1.13.5 -> 1.14.1

[Fredrik Pettai <pettai%nordu.net@localhost>]

The following reply was made to PR pkg/41789; it has been noted by GNATS.

From: Fredrik Pettai <pettai%nordu.net@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: pkg/41789: Update www/mediawiki 1.13.5 -> 1.14.1
Date: Mon, 27 Jul 2009 01:06:55 +0200

 On Jul 27, 2009, at 12:50 AM, gnats-admin%NetBSD.org@localhost wrote:
 > Thank you very much for your problem report.
 > It has the internal identification `pkg/41789'.
 > The individual assigned to look at your
 > report is: pkg-manager.
 >
 >> Category:       pkg
 >> Responsible:    pkg-manager
 >> Synopsis:       Update www/mediawiki 1.13.5 -> 1.14.1
 >> Arrival-Date:   Sun Jul 26 22:50:00 +0000 2009
 
 audit-packages (or more correct, pkg_admin) still complains on  
 mediawiki-1.14.1:
 Package mediawiki-1.14.1 has a cross-site-scripting vulnerability,  
 see: http://secunia.com/advisories/35818/
 
 Which is not true. Mediawiki-1.14.1 incorporates patch(es) to fix this  
 problem.
 (See 
http://lists.wikimedia.org/pipermail/mediawiki-announce/2009-July/000087.html)
 
 Maybe raise severity to serious instead of non-critical?
 
 Regards,
 /P