Advisories ยป MGASA-2017-0429

Updated mediawiki packages fix security vulnerabilities

Publication date: 29 Nov 2017
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-8808 , CVE-2017-8809 , CVE-2017-8810 , CVE-2017-8811 , CVE-2017-8812 , CVE-2017-8814 , CVE-2017-8815 , CVE-2017-9841


XSS when $wgShowExceptionDetails = false and browser sends non-standard
url escaping (CVE-2017-8808).

Reflected File Download from api.php (CVE-2017-8809).

On private wikis, login form shouldn't distinguish between login failure
due to bad username and bad password (CVE-2017-8810).

It's possible to mangle HTML via raw message parameter expansion

The id attribute on headlines allow raw > (CVE-2017-8812).

Language converter can be tricked into replacing text inside tags by
adding a lot of junk after the rule definition (CVE-2017-8814).

Language converter: unsafe attribute injection via glossary rules

composer.json has require-dev versions of PHPUnit with known security
issues (CVE-2017-9841).

Note that MediaWiki 1.23.x on Mageia 5 is no longer supported.  Those
using the mediawiki package on Mageia 5 should upgrade to Mageia 6.