
Mageia alert MGASA-2014-0113 (mediawiki)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2014-0113: Updated mediawiki packages fix security vulnerabilities
Date:  Sun, 2 Mar 2014 21:53:39 +0100
Message-ID:  <20140302205339.AA2AD4877E@valstar.mageia.org>

MGASA-2014-0113 - Updated mediawiki packages fix security vulnerabilities

Publication date: 02 Mar 2014
URL: http://advisories.mageia.org/MGASA-2014-0113.html
Type: security
Affected Mageia releases: 3, 4
CVE: CVE-2013-6451, CVE-2013-6452, CVE-2013-6453, CVE-2013-6472, CVE-2014-1610

Description:

MediaWiki user Michael M reported that the fix for CVE-2013-4568 allowed insertion of escaped CSS values which could pass the CSS validation checks, resulting in XSS (CVE-2013-6451).

Chris from RationalWiki reported that SVG files could be uploaded that include external stylesheets, which could lead to XSS when an XSL was used to include JavaScript (CVE-2013-6452).

During internal review, it was discovered that MediaWiki's SVG sanitization could be bypassed when the XML was considered invalid (CVE-2013-6453).

During internal review, it was discovered that MediaWiki displayed some information about deleted pages in the log API, enhanced RecentChanges, and user watchlists (CVE-2013-6472).

Netanel Rubin from Check Point discovered a remote code execution vulnerability in MediaWiki's thumbnail generation for DjVu files. Internal review also discovered similar logic in the PdfHandler extension, which could be exploited in a similar way (CVE-2014-1610).

MediaWiki has been updated to version 1.22.2, which fixes these issues, as well as several others. Also, the mediawiki-ldapauthentication and mediawiki-math extensions have been updated to newer versions that are compatible with MediaWiki 1.22. Additionally, the mediawiki-graphviz extension has been obsoleted, because it is unmaintained upstream and is vulnerable to cross-site scripting attacks.

Note: if you were using the "instances" feature in these packages to support multiple wiki instances, this feature has now been removed. You will need to maintain separate wiki instances manually.

References:
- https://bugs.mageia.org/show_bug.cgi?id=12337
- http://lists.wikimedia.org/pipermail/mediawiki-announce/2...
- http://lists.wikimedia.org/pipermail/mediawiki-announce/2...
- https://lists.fedoraproject.org/pipermail/package-announc...
- https://lists.fedoraproject.org/pipermail/package-announc...
- http://www.mediawiki.org/wiki/Extension:GraphViz
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6451
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6452
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6453
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6472
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1610

SRPMS:
- 4/core/mediawiki-1.22.2-1.1.mga4
- 4/core/mediawiki-ldapauthentication-2.0f-1.1.mga4
- 4/core/mediawiki-math-1.1-1.1.mga4
- 3/core/mediawiki-1.22.2-1.1.mga3
- 3/core/mediawiki-ldapauthentication-2.0f-1.1.mga3
- 3/core/mediawiki-math-1.1-1.1.mga3
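Three of the issues above share one defensive lesson: an upload check must decode what it validates (CVE-2013-6451, escaped CSS), must treat references to outside stylesheets in an SVG as a reject (CVE-2013-6452), and must fail closed when the XML cannot be parsed rather than passing the file through (CVE-2013-6453). The following is an added illustration written for this page; it is not MediaWiki's sanitizer or Mageia's code. The forbidden token lists, the rule that only fragment `href` values are allowed, and the sample SVG inputs are assumptions constructed for the example, and it is deliberately narrow rather than a complete SVG sanitizer.

```python
"""Fail-closed SVG upload check (added example, not MediaWiki code)."""
import re
from xml.dom import minidom
from xml.parsers.expat import ExpatError

# One-pass CSS escape matcher: "\41 " (1-6 hex digits, optional whitespace)
# or "\c" (any single escaped character). A single pass avoids mis-reading
# an escaped backslash followed by hex digits as a hex escape.
_CSS_ESCAPE = re.compile(r"\\(?:([0-9a-fA-F]{1,6})[ \t\n\r\f]?|(.))", re.S)

# Constructs a static, browser-rendered SVG should never need (assumed list).
FORBIDDEN_CSS_TOKENS = ("@import", "url(", "expression(", "javascript:", "-moz-binding")
FORBIDDEN_ELEMENTS = {"script"}


def decode_css_escapes(css: str) -> str:
    """Resolve CSS backslash escapes so the check sees the text the browser will."""
    def repl(m):
        if m.group(1) is not None:
            cp = int(m.group(1), 16)
            # Out-of-range or NUL code points become U+FFFD, as browsers do.
            return chr(cp) if 0 < cp <= 0x10FFFF else "\ufffd"
        return m.group(2)
    return _CSS_ESCAPE.sub(repl, css)


def _walk(node):
    """Yield every descendant node, including processing instructions."""
    for child in node.childNodes:
        yield child
        yield from _walk(child)


def _text_of(elem) -> str:
    return "".join(c.data for c in elem.childNodes
                   if c.nodeType in (c.TEXT_NODE, c.CDATA_SECTION_NODE))


def _css_problems(where: str, css: str) -> list:
    decoded = decode_css_escapes(css).lower()
    return [f"{where} contains {tok!r} after escape decoding"
            for tok in FORBIDDEN_CSS_TOKENS if tok in decoded]


def check_svg(data: bytes) -> list:
    """Return reasons to reject the upload; an empty list means accept.

    Anything the function cannot fully inspect is a rejection, never an accept.
    """
    try:
        doc = minidom.parseString(data)
    except (ExpatError, ValueError) as exc:
        # CVE-2013-6453 lesson: unparseable XML is a reject, not "nothing to sanitise".
        return [f"malformed XML: {exc}"]

    problems = []
    for node in _walk(doc):
        if node.nodeType == node.PROCESSING_INSTRUCTION_NODE:
            if node.target == "xml-stylesheet":
                # CVE-2013-6452 lesson: a stylesheet PI pulls in outside content.
                problems.append("xml-stylesheet processing instruction present")
            continue
        if node.nodeType != node.ELEMENT_NODE:
            continue
        local = node.tagName.split(":")[-1].lower()
        if local in FORBIDDEN_ELEMENTS:
            problems.append(f"forbidden element <{node.tagName}>")
        if local == "style":
            problems += _css_problems("<style>", _text_of(node))
        for name, value in node.attributes.items():
            lname = name.split(":")[-1].lower()
            if lname.startswith("on"):
                problems.append(f"event handler attribute {name}")
            elif lname == "href" and not value.startswith("#"):
                # Assumed policy: only in-document fragment references are allowed.
                problems.append(f"external reference in {name}={value!r}")
            elif lname == "style":
                problems += _css_problems(f"{name} attribute", value)
    return problems


# Constructed sample inputs for the example.
GOOD_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
MALFORMED_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle></svg>'
STYLESHEET_SVG = (b'<?xml version="1.0"?>'
                  b'<?xml-stylesheet href="http://example.invalid/x.xsl" type="text/xsl"?>'
                  b'<svg xmlns="http://www.w3.org/2000/svg"/>')
ESCAPED_CSS_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg"><style>'
                   b'rect { background: \\75 rl(http://example.invalid/a.png) }'
                   b'</style><rect width="1" height="1"/></svg>')

if __name__ == "__main__":
    for label, sample in [("good", GOOD_SVG), ("malformed", MALFORMED_SVG),
                          ("stylesheet", STYLESHEET_SVG), ("escaped-css", ESCAPED_CSS_SVG)]:
        print(label, "->", check_svg(sample) or "accept")
```

The escaped-CSS sample is the CVE-2013-6451 pattern: a naive substring check for `url(` on the raw text passes, because the author wrote `\75 rl(`; decoding first makes the check see what the browser will render.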




Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds