== Security fixes == * (T355538, CVE-2024-PENDING) SECURITY: XSS in edit summary parser. * (T357760, CVE-2024-PENDING) SECURITY: Denial of service vector via GET request to Special:MovePage on pages with thousands of subpages. commit 6925a2bca319871a7d27d3cb1bbf77b26232f225 Author: Miroslav Šulc <fordfrog@gentoo.org> Date: Fri Mar 29 10:11:02 2024 +0100 www-apps/mediawiki: bump to 1.39.7 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> commit cf7744d2e5146d81ae9864ac45928a9a86982352 Author: Miroslav Šulc <fordfrog@gentoo.org> Date: Fri Mar 29 10:09:29 2024 +0100 www-apps/mediawiki: bump to 1.40.3 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> commit f4f33fa6abe9f6c4b8193fe13dcc463efcbff1b3 Author: Miroslav Šulc <fordfrog@gentoo.org> Date: Fri Mar 29 10:07:52 2024 +0100 www-apps/mediawiki: bump to 1.41.1 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>
amd64 ppc [x86] (ALLARCHES) done all arches done
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3ab17e8e74af2e426cb17f85065772327faf5d20 commit 3ab17e8e74af2e426cb17f85065772327faf5d20 Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2024-04-01 16:42:04 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2024-04-01 16:42:04 +0000 www-apps/mediawiki: dropped obsolete and vulnerable Bug: https://bugs.gentoo.org/928349 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> www-apps/mediawiki/Manifest | 3 - www-apps/mediawiki/mediawiki-1.39.6.ebuild | 90 ----------------------------- www-apps/mediawiki/mediawiki-1.40.2.ebuild | 92 ------------------------------ www-apps/mediawiki/mediawiki-1.41.0.ebuild | 92 ------------------------------ 4 files changed, 277 deletions(-)
