Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora 37 FEDORA-2023-d8ae3c122e Critical MediaWiki Cross Site Scripting

fedora
Calendar Grey September 2, 2023
Dist Fedora Esm H88
This Ubuntu alert emphasizes an important WordPress patch, fixing previously discovered SQL injection vulnerabilities.
- announce@lists.wikimedia.org/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/

Summary

MediaWiki is the software used for Wikipedia and the other Wikimedia

Foundation websites. Compared to other wikis, it has an excellent

range of features and support for high-traffic websites using multiple

servers

This package supports wiki farms. Read the instructions for creating wiki

instances under /usr/share/doc/mediawiki/README.RPM.

Remember to remove the config dir after completing the configuration.

Update Information:

- announce@lists.wikimedia.org/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/

Change Log

* Wed Aug 23 2023 Michael Cronenworth - 1.38.7-1 - Update to 1.38.7

References


[ 1 ] Bug #2217429 - CVE-2023-36675 mediawiki: cross site scripting [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2217429 [ 2 ] Bug #2233911 - CVE-2023-36674 mediawiki: Manualthumb bypasses badFile lookup [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2233911

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-d8ae3c122e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mediawiki
Product: Fedora 37
Version: 1.38.7
Release: 1.fc37
Summary: A wiki engine

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here