Summary: | <www-apps/mediawiki-1.34.2: Possible leak of private extension images into public cache (CVE-2020-15005) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, fordfrog, web-apps |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-June/000252.html | ||
Whiteboard: | B4 [noglsa cve] | ||
Package list: |
=www-apps/mediawiki-1.34.2 amd64 ppc x86
|
Runtime testing required: | --- |
Description
Sam James
2020-06-24 23:41:48 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0362678f4136aef42b976cc25405a2036147ecad commit 0362678f4136aef42b976cc25405a2036147ecad Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2020-06-25 07:47:49 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2020-06-25 07:48:10 +0000 www-apps/mediawiki: bump to 1.34.2 1) REQUIRED_USE for databases + default database in USE flags + updated database related deps 2) removing binary distributions of lua in Scribunto 3) updated installed docs Bug: https://bugs.gentoo.org/729480 Closes: https://bugs.gentoo.org/716782 Closes: https://bugs.gentoo.org/728568 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> www-apps/mediawiki/Manifest | 1 + www-apps/mediawiki/mediawiki-1.34.2.ebuild | 86 ++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+) Thank you! Please tell us when ready to stable. imo it can go stable. (In reply to Miroslav Šulc from comment #3) > imo it can go stable. Thank you for the quick response! :) CVE-2020-12051: The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access would be denied when simply visiting wiki/Special:CentralAuth in a web browser. According to email announcement this appears to also be fixed in the 1.34 branch in 1.34.2: https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-June/000254.html amd64 stable ppc stable x86 stable. Maintainer(s), please cleanup. Security, please vote. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9443e690c0dd880eadc408072fb9520ef032757c commit 9443e690c0dd880eadc408072fb9520ef032757c Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2020-06-29 04:59:06 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2020-06-29 04:59:06 +0000 www-apps/mediawiki: removed vulnerable 1.34.1 Bug: https://bugs.gentoo.org/729480 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> www-apps/mediawiki/Manifest | 1 - www-apps/mediawiki/mediawiki-1.34.1.ebuild | 79 ------------------------------ 2 files changed, 80 deletions(-) |