Parent Directory | Revision Log
MGASA-2021-0477: mediawiki-1.35.4-1.mga8
1 | type: security |
2 | subject: Updated mediawiki packages fix security vulnerability |
3 | CVE: |
4 | - CVE-2021-41798 |
5 | - CVE-2021-41799 |
6 | - CVE-2021-41800 |
7 | - CVE-2021-41801 |
8 | src: |
9 | 8: |
10 | core: |
11 | - mediawiki-1.35.4-1.mga8 |
12 | description: | |
13 | XSS vulnerability in Special:Search. (CVE-2021-41798) |
14 | ApiQueryBacklinks can cause a full table scan. (CVE-2021-41799) |
15 | Fix PoolCounter protection of Special:Contributions. (CVE-2021-41800) |
16 | ReplaceText continues performing actions if the user no longer has the |
17 | correct permission (such as by being blocked). (CVE-2021-41801) |
18 | references: |
19 | - https://bugs.mageia.org/show_bug.cgi?id=29531 |
20 | - https://www.debian.org/security/2021/dsa-4979 |
21 | - https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/ |
22 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QNEAI2T3Y65I55ZB6UE6RMC662RZTGRX/ |
23 | ID: MGASA-2021-0477 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |