Debian Security Advisory

DSA-5246-1 mediawiki -- security update

Date Reported:
04 Oct 2022
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2021-44854, CVE-2021-44855, CVE-2021-44856, CVE-2022-28201, CVE-2022-28202, CVE-2022-28203, CVE-2022-29248, CVE-2022-31042, CVE-2022-31043, CVE-2022-31090, CVE-2022-31091, CVE-2022-34911, CVE-2022-34912, CVE-2022-41765, CVE-2022-41767.
More information:

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in restriction bypass, information leaks, cross-site scripting or denial of service.

For the stable distribution (bullseye), these problems have been fixed in version 1:1.35.8-1~deb11u1.

We recommend that you upgrade your mediawiki packages.

For the detailed security status of mediawiki please refer to its security tracker page at: