Debian Security Advisory

DSA-2022-1 mediawiki -- several vulnerabilities

Date Reported:
23 Mar 2010
Affected Packages:
mediawiki
Vulnerable:
Yes
Security database references:
No other external database security references currently available.
More information:

Several vulnerabilities have been discovered in mediawiki, a web-based wiki engine. The following issues have been identified:

  • Insufficient input sanitization in the CSS validation code allows editors to display external images in wiki pages. This can be a privacy concern on public wikis as it allows attackers to gather IP addresses and other information by linking these images to a web server under their control.

  • Insufficient permission checks have been found in thump.php which can lead to disclosure of image files that are restricted to certain users (e.g. with img_auth.php).

For the stable distribution (lenny), these problems have been fixed in version 1.12.0-2lenny4.

For the testing distribution (squeeze), these problems have been fixed in version 1:1.15.2-1.

For the unstable distribution (sid), these problems have been fixed in version 1:1.15.2-1.

Fixed in:

Debian GNU/Linux 5.0 (lenny)

Source:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki_1.12.0-2lenny4.dsc
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki_1.12.0.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki_1.12.0-2lenny4.diff.gz
Architecture-independent component:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki_1.12.0-2lenny4_all.deb
Alpha:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_amd64.deb
ARM:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_arm.deb
ARM EABI:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_armel.deb
HP Precision:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_ia64.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/m/mediawiki/mediawiki-math_1.12.0-2lenny4_sparc.deb

MD5 checksums of the listed files are available in the original advisory.