LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for October 3, 2013

Integrity and embedded devices

NUMA scheduling progress

LWN.net Weekly Edition for September 26, 2013

A perf ABI fix

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2013-15984 (mediawiki)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 19 Update: mediawiki-1.21.2-1.fc19 


Date:
    	      Fri, 20 Sep 2013 16:26:42 +0000


Message-ID:
    	      <20130920162642.11E542200A@bastion01.phx2.fedoraproject.org>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-15984
2013-09-07 00:00:54
--------------------------------------------------------------------------------

Name        : mediawiki
Product     : Fedora 19
Version     : 1.21.2
Release     : 1.fc19
URL         : http://www.mediawiki.org/
Summary     : A wiki engine
Description :
MediaWiki is the software used for Wikipedia and the other Wikimedia
Foundation websites. Compared to other wikis, it has an excellent
range of features and support for high-traffic websites using multiple
servers

This package supports wiki farms. Read the instructions for creating wiki instances under
/usr/share/doc/mediawiki-1.21.2/README.RPM.
Remember to remove the config dir after completing the configuration.

--------------------------------------------------------------------------------
Update Information:

* SECURITY: Fix extension detection with 2 .'s
* SECURITY: Support for the 'gettoken' parameter to action=block and action=unblock, deprecated
since 1.20, has been removed.
* SECURITY: Sanitize ResourceLoader exception messages
* Purge upstream caches when deleting file assets.
* Unit test suite now runs the AutoLoader tests. Also fixed the autoloading entry for the
PageORMTableForTesting class though it had no impact.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep  5 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.2-1
- New upstream release.
* Sat Jul 27 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-4
- Update mw-createinstance
* Wed Jul 10 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-3
- Fix Obsoletes
* Tue Jul  9 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-2
- Provide/Obsolete now included extensions (#967811)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1004538 - CVE-2013-4301 CVE-2013-4302 CVE-2013-4303 mediawiki: security releases
1.21.2, 1.20.7, and 1.19.8
        https://bugzilla.redhat.com/show_bug.cgi?id=1004538
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mediawiki' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds