Debian: DSA-3036-1: mediawiki security update
Debian: DSA-3036-1: mediawiki security update
It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting. For the stable distribution (wheezy), this problem has been fixed in
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3036-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Thijs Kinkhorst September 26, 2014 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mediawiki Debian Bug : 762754 It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting. For the stable distribution (wheezy), this problem has been fixed in version 1:1.19.19+dfsg-0+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 1:1.19.19+dfsg-1. We recommend that you upgrade your mediawiki packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.