Updated mediawiki packages fix security vulnerabilities
Publication date: 29 Nov 2017Modification date: 29 Nov 2017
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-8808 , CVE-2017-8809 , CVE-2017-8810 , CVE-2017-8811 , CVE-2017-8812 , CVE-2017-8814 , CVE-2017-8815 , CVE-2017-9841
Description
XSS when $wgShowExceptionDetails = false and browser sends non-standard
url escaping (CVE-2017-8808).
Reflected File Download from api.php (CVE-2017-8809).
On private wikis, login form shouldn't distinguish between login failure
due to bad username and bad password (CVE-2017-8810).
It's possible to mangle HTML via raw message parameter expansion
(CVE-2017-8811).
The id attribute on headlines allow raw > (CVE-2017-8812).
Language converter can be tricked into replacing text inside tags by
adding a lot of junk after the rule definition (CVE-2017-8814).
Language converter: unsafe attribute injection via glossary rules
(CVE-2017-8815).
composer.json has require-dev versions of PHPUnit with known security
issues (CVE-2017-9841).
Note that MediaWiki 1.23.x on Mageia 5 is no longer supported. Those
using the mediawiki package on Mageia 5 should upgrade to Mageia 6.
References
- https://bugs.mageia.org/show_bug.cgi?id=22038
- https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8808
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8809
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8810
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8811
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8812
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8814
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8815
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841
SRPMS
6/core
- mediawiki-1.27.4-1.mga6