MGASA-2023-0204 - Updated mediawiki packages fix security vulnerability

Publication date: 28 Jun 2023
URL: https://advisories.mageia.org/MGASA-2023-0204.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2020-36649,
     CVE-2022-47927,
     CVE-2023-22909,
     CVE-2023-2291,
     CVE-2023-29141

Bundled PapaParse copy in VisualEditor has known ReDos (CVE-2020-36649).

An issue was discovered in MediaWiki before 1.35.9. When installing with a
pre-existing data directory that has weak permissions, the SQLite files
are created with file mode 0644, i.e., world readable to local users.
These files include credentials data (CVE-2022-47927).

An issue was discovered in MediaWiki before 1.35.9. SpecialMobileHistory
allows remote attackers to cause a denial of service because database
queries are slow (CVE-2023-22909).

An issue was discovered in MediaWiki before 1.35.9. E-Widgets does widget
replacement in HTML attributes, which can lead to XSS, because widget
authors often do not expect that their widget is executed in an HTML
attribute context (CVE-2023-22911).

An issue was discovered in MediaWiki before 1.35.10. An auto-block can
occur for an untrusted X-Forwarded-For header (CVE-2023-29141).

OATHAuth allows replay attacks when MediaWiki is configured without
ObjectCache; Insecure Default Configuration (T330086).

References:
- https://bugs.mageia.org/show_bug.cgi?id=31463
- https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/UEMW64LVEH3BEXCJV43CVS6XPYURKWU3/
- https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/6UQBHI5FWLATD7QO7DI4YS54U7XSSLAN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36649
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47927
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22909
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2291
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29141

SRPMS:
- 8/core/mediawiki-1.35.10-1.mga8