[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4816-1] mediawiki security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4816-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 18, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mediawiki
CVE ID         : CVE-2020-35475 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480
Debian Bug     : 971985 971986

Multiple security issues were discovered in MediaWiki, a website engine
for collaborative work, which could result in cross-site scripting or
the disclosure of hidden users.	
	
For the stable distribution (buster), these problems have been fixed in
version 1:1.31.12-1~deb10u1.

We recommend that you upgrade your mediawiki packages.

For the detailed security status of mediawiki please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mediawiki

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl/cegEACgkQEMKTtsN8
TjZTkA/9GSBLaPYBEdCBHJInfqihUUpyyuVNaWpRe4Fcudyj/Q9Cktl9E0XKJaQO
sAz0Ql24x3VGHuyhMDmgsNqsnmDnDd5FV3ixHVdOvvcW+mcBd2XaIqbPxufT3NmY
rRdDvdlc1UuGdcueOoIyUZe7jBUPdefephMl/Tv6lEQKx+JhqcSGGaI6kVE4MVWs
M118MuiGnNrkmpiE35IqWCn7rMr/00CyQi8Ytobb11ebjm4VlwJlpuXfTaYC8ZDB
eRD+I4+0j+eO/xuiF7b+xIStse6nV5C2Q7aBfKsK/+SuJANvYJsW2GnHEFkzM+j3
EJs2ha3cPBdG7RVqJRt7Lkqu5ZxsBkJgoYZSQr0mbzr7cmX707HRe8ZtvFBpCubj
XVIinwJOGSdwWzUWw3QyuwTK3g7wfJJtcnihWUYy0d5sdIeMwv8VqcVnyY4ss4RN
hCVnFgNHK8Z2HVT2pjkM/j85n7wEDa3l0p57vyNxN4Mv1st4tWWlrBgpMKm1fKDz
RRKs6G3p3X0ENKUnJma+RNKP/sgeES4X+CDfZzJXeALIYrhGvemax+vhQNGFGXPa
ccyuWpQTOEwMnjYIB5+YrhPTfpr0tr3JFMoLpGgUzy9/53CBwxkixizg6NMnKFE6
apGLC2Wdeey2nzt6TtDCa4uXpl+4c0ihm3O7byXzVZ3iZ6cXexY=
=aUJM
-----END PGP SIGNATURE-----


Reply to: