Updated mediawiki packages fix security vulnerability
Publication date: 05 Jan 2020Modification date: 05 Jan 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-19709
Description
Updated mediawiki packages fix security vulnerability: MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page (CVE-2019-19709).
References
SRPMS
7/core
- mediawiki-1.31.6-1.mga7