From secunia security advisory at $URL: Description: The weakness is caused due to an error within the "execute()" function (includes/api/ApiQueryRevisions.php), which discloses old revision content and can be exploited to disclose deleted cached content by diffing to a hidden revision. Successful exploitation requires that the content is cached by a caching server. The weakness is reported in versions prior to 1.18.1 and 1.17.2. Solution: Update to version 1.18.1 or 1.17.2.
1.18.1 added to CVS.
(In reply to comment #1) > 1.18.1 added to CVS. Thanks Tim. Arches, please test and mark stable: =www-apps/mediawiki-1.18.1 target KEYWORDS : "amd64 ppc sparc x86"
amd64 stable
x86 stable. Thanks
sparc keywords dropped
ppc done; closing as last arch
@security, please vote
Thanks, folks. GLSA Vote: no.
Vote: no, too. Closing [noglsa].