FS#44489 : [mediawiki] multiple security issues in the current version

FS#44489 - [mediawiki] multiple security issues in the current version

Attached to Project: Community Packages
Opened by Christian Rebischke (Shibumi) - Tuesday, 07 April 2015, 15:56 GMT
Last edited by Levente Polyak (anthraxx) - Thursday, 09 April 2015, 21:31 GMT

Task Type	Bug Report
Category	Packages
Status	Closed
Assigned To	Sergej Pupykin (sergej)
Architecture	All
Severity	High
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Christian Rebischke (Shibumi) (2015-04-07)
Private	No

Details

Hello,
There are multiple security issues in the current mediawiki version:

CVE-2015-2931 CVE-2015-2932 CVE-2015-2933 CVE-2015-2934 CVE-2015-2935 CVE-2015-2936 CVE-2015-2937 CVE-2015-2938 CVE-2015-2939 CVE-2015-2940 CVE-2015-2941 CVE-2015-2942

The most vulnerabilities are XSS and Dos. But there is one privilege escalation too.

Reference
======
http://seclists.org/oss-sec/2015/q2/61 overview over all CVEs

best regards

Christian Rebischke

Achlinux CVE monitoring team

This task depends upon

Closed by Levente Polyak (anthraxx)
Thursday, 09 April 2015, 21:31 GMT
Reason for closing: Not a bug
Additional comments about closing: Already fixed in mediawiki 1.24.2-1 as also mentioned in the oss-sec thread.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#44489 - [mediawiki] multiple security issues in the current version

Details

Loading...