Summary: | www-apps/mediawiki: global DoS via site admin | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | fordfrog, web-apps |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://phabricator.wikimedia.org/T313205 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=873385 | ||
Whiteboard: | B3 [??] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-09-03 02:06:20 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27a7cc9d97b1a12cf5c6e6464f2349d7c9823230 commit 27a7cc9d97b1a12cf5c6e6464f2349d7c9823230 Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2022-09-30 03:40:14 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2022-09-30 03:40:14 +0000 www-apps/mediawiki: bump to 1.37.6 Bug: https://bugs.gentoo.org/868141 Bug: https://bugs.gentoo.org/873385 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> www-apps/mediawiki/Manifest | 1 + www-apps/mediawiki/mediawiki-1.37.6.ebuild | 86 ++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ebe28034a2a04865a9601f4b9356cbf4b211537 commit 5ebe28034a2a04865a9601f4b9356cbf4b211537 Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2022-09-30 03:38:53 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2022-09-30 03:38:53 +0000 www-apps/mediawiki: bump to 1.38.4 Bug: https://bugs.gentoo.org/868141 Bug: https://bugs.gentoo.org/873385 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> www-apps/mediawiki/Manifest | 1 + www-apps/mediawiki/mediawiki-1.38.4.ebuild | 86 ++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+) Do we have any idea if patches for this issue made it into the releases? (In reply to John Helmert III from comment #2) > Do we have any idea if patches for this issue made it into the releases? i was searching the installed sources of mediawiki and i found GrowthExperiments only in comments, so my conclusion is that this extension is not part of the standard distribution. Ah, sorry! Totally missed that this only affected an extension. |