1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5447-1] mediawiki security update

    From Moritz Muehlenhoff@21:1/5 to All on Wed Jul 5 19:50:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5447-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    July 05, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : mediawiki
    CVE ID : CVE-2023-29141 CVE-2023-36674 CVE-2023-36675
    Debian Bug : 1039075

    Multiple security issues were discovered in MediaWiki, a website engine
    for collaborative work, which could result in cross-site scripting, a
    bypass of vandalism protections or information disclosure.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 1:1.35.11-1~deb11u1.

    For the stable distribution (bookworm), these problems have been fixed in version 1:1.39.4-1~deb12u1.

    We recommend that you upgrade your mediawiki packages.

    For the detailed security status of mediawiki please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/mediawiki

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSlqxIACgkQEMKTtsN8 TjbJRBAAodt+4EzI/HLq3hr2OU6K3WE6W2ThrPSMNev0TLyCTw7GeX4avi3cKjNL wqdPWGE4BjC6YAb5qU6Z9rqL00megvqihL5kaf010++jXk1/9uruENkOSj+KJuWt qLIvX3MYH4EU5gLRD6we8+LzTJQX46UNXtUVSQ7ixZNegzWGbZ8usI046x3YwAHV MTf5tn3M/XBKdhd9UcvffB+qM4Dkyyr1+/tJXyIzxYq8RbHDFW8ggvKZTJ1xSXVY 4G0G4k+kQEvWtyUvIzypj5hdAI2zzSUXstFKl64dMwS35hXq8HrORJZwYVTgmLw5 6D346wYr5SelP++NO5Ap+nGmjc4bn3UxAMnc6EvCKC5L9nO8dYviMMe7EyLqyKhd rPXJXV0c+Yxznn3SRh9iRoVXwkfEmE+JT562qvk3ozu548AH8NzRaCEdv7Dzuxhg BSrZMbOozDTmMiEUbe7beKfhSwo8tpRqlVlcA4Pk+v2TnEE6sQN6+gwrLaOyv7N9 zwlofFHrjMyR68oFyNg9+cWhuLpca+NUjJE1mzk7V+2ehh1bH83YNAeStYqYqgK1 oJcKNS/xVhCOm246TOwCROw5FwO7oZTYy44BUXrMZh+t/Srf2ko7lsYlPLWoz8t0 gfZ47YMraeNoiewkq7Ij8RvhL/ZKOlB45MHlWewh0KR97HwItOE=
    =1rTe
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)