• [SECURITY] [DSA 5785-1] mediawiki security update

    From Moritz Muehlenhoff@21:1/5 to All on Sat Oct 5 20:00:02 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5785-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 05, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : mediawiki
    CVE ID : CVE-2024-47913

    Dom Walden discovered that the AbuseFilter extension in MediaWiki, a
    website engine for collaborative work, performed incomplete authorisation checks.

    For the stable distribution (bookworm), this problem has been fixed in
    version 1:1.39.10-1~deb12u1.

    We recommend that you upgrade your mediawiki packages.

    For the detailed security status of mediawiki please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/mediawiki

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmcBfMEACgkQEMKTtsN8 TjbSyRAAquV+ePBJ2hoYLTNvZnz8yRbNsNaW8lqLY/LhN/lzmloAvV62gyEyYi+p Qbp+tCyT258cSwzLz6aT2H0/X276PiWGIV+BTzVevejFQWWh1RCfnRRh9cTPZRTT 2EW/IDSraotXyb6B/oKIIdJerY8mr7ZZaMFr34mLGH5q+oAYJYt1g/LQVO+y/SQx BtSgDNmShKQnre3M+8UH7tAW2ewq+RAAZu55Nr5ChgGjzidP3DciDH7JZt4jyMNl EVyn4smpvisEtM4B+WeMCX/LhYHwXtrakywZfEAAcbYqrto3dqbapFSqaA+6g4ru 96DtYLY0IDQI55IVPi6J0hB5N/5ezXjwnHz4N7OQCU+MtpcuYfbY0KlpJcO3/q2o 9lK/1m2O0jsKYMjGrW3E4lvmB44rZIDEWts0UsqJZy9pef3ucu4FZOSbv7po8B/A 4MFPZ/asow2wYG1MIWYB3kL+LkuyzBXKDLbkJ03mwp7E7NmKi823ICUu3gVZzaeU km/tKtB6Xmumr39CtXy+gAiH2gnIytlrpNHz3FAeluk1WYfV88SaDPuPnSI0U2Qz TLUuQY72tCEgN8JGtGYs6TqtJq2yWsIyvQ+Ax10q2zXYZO8IZBtYf/etpPz47Mul cx4AOAiDwJ1+Lplr1006IZXrBkxxyo/veqmz5rjZym4G7Vh93l0=
    =m9Jl
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)