(RHSA-2019:3813) Low: OpenShift Container Platform 3.9 mediawiki123 security update

2019-11-07T21:39:33
ID RHSA-2019:3813
Type redhat
Reporter RedHat
Modified 2019-11-07T21:45:43

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the mediawiki123 RPM package for Red Hat OpenShift Container Platform 3.9.102.

Security Fix(es):

  • mediawiki: $wgRateLimits (rate limit / ping limiter) entry for 'user' overrides that for 'newbie' (CVE-2018-0503)

  • mediawiki: Information exposure when a log event is (partially) hidden (CVE-2018-0504)

  • mediawiki: BotPassword can bypass CentralAuth's account lock (CVE-2018-0505)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.