Fedora 20 Security Update: mediawiki-1.23.8-1.fc20

December 19, 2014 007admin Leave a comment

Resolved Bugs
1175828 – mediawiki: multiple vulnerabilities
1175829 – mediawiki: multiple vulnerabilities [fedora-all]<br
* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.rn* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.rn* (bug T74222) The original patch for T74222 was reverted as unnecessary.rn

007 Software

Fedora 20 Security Update: mediawiki-1.23.8-1.fc20

Leave a Reply Cancel reply

Software and Security Information