logo
DATABASE RESOURCES PRICING ABOUT US

MediaWiki: Multiple vulnerabilities

Description

### Background MediaWiki is a collaborative editing software used by large projects such as Wikipedia. ### Description Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers and MediaWiki announcement referenced below for details. ### Impact A remote attacker may be able to execute arbitrary code with the privileges of the process, create a Denial of Service condition, obtain sensitive information, bypass security restrictions, and inject arbitrary web script or HTML. ### Workaround There is no known workaround at this time. ### Resolution All MediaWiki 1.23 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.23.8" All MediaWiki 1.22 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.22.15" All MediaWiki 1.19 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.19.23"


Affected Package


OS OS Version Package Name Package Version
Gentoo any www-apps/mediawiki 1.23.8

Related