Debian Security Advisory
DSA-5246-1 mediawiki -- security update
- Date Reported:
- 04 Oct 2022
- Affected Packages:
- mediawiki
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2021-44854, CVE-2021-44855, CVE-2021-44856, CVE-2022-28201, CVE-2022-28202, CVE-2022-28203, CVE-2022-29248, CVE-2022-31042, CVE-2022-31043, CVE-2022-31090, CVE-2022-31091, CVE-2022-34911, CVE-2022-34912, CVE-2022-41765, CVE-2022-41767.
- More information:
-
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in restriction bypass, information leaks, cross-site scripting or denial of service.
For the stable distribution (bullseye), these problems have been fixed in version 1:1.35.8-1~deb11u1.
We recommend that you upgrade your mediawiki packages.
For the detailed security status of mediawiki please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mediawiki