Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 637582 (CVE-2017-8808, CVE-2017-8809, CVE-2017-8810, CVE-2017-8811, CVE-2017-8812, CVE-2017-8814, CVE-2017-8815) - <www-apps/mediawiki-1.32.0: Multiple vulnerabilities
Summary: <www-apps/mediawiki-1.32.0: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-8808, CVE-2017-8809, CVE-2017-8810, CVE-2017-8811, CVE-2017-8812, CVE-2017-8814, CVE-2017-8815
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-11-15 14:13 UTC by GLSAMaker/CVETool Bot
Modified: 2019-04-25 22:17 UTC (History)
2 users (show)

See Also:
Package list:
www-apps/mediawiki-1.32.0
Runtime testing required: No
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-11-15 14:13:44 UTC
CVE-2017-8815 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8815):
  The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and
  1.29.x before 1.29.2 allows attribute injection attacks via glossary rules.

CVE-2017-8814 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8814):
  The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and
  1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule
  definition followed by "a lot of junk."

CVE-2017-8812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8812):
  MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2
  allows remote attackers to inject > (greater than) characters via the id
  attribute of a headline.

CVE-2017-8811 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8811):
  The implementation of raw message parameter expansion in MediaWiki before
  1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling
  attacks.

CVE-2017-8810 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8810):
  MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2,
  when a private wiki is configured, provides different error messages for
  failed login attempts depending on whether the username exists, which allows
  remote attackers to enumerate account names and conduct brute-force attacks
  via a series of requests.

CVE-2017-8809 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8809):
  api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before
  1.29.2 has a Reflected File Download vulnerability.

CVE-2017-8808 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8808):
  MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has
  XSS when the $wgShowExceptionDetails setting is false and the browser sends
  non-standard URL escaping.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-11-15 14:18:05 UTC
@Maintainers please call for stabilization when ready.

Thank you
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-01-19 21:08:28 UTC
@maintainer(s), please bump the package LTS to at least 1.27.4.
Comment 3 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-11-25 00:43:00 UTC
ping for bumpage.
Comment 4 Miroslav Šulc gentoo-dev 2019-02-13 12:36:54 UTC
i've bumped mediawiki to version 1.31.1 some time ago and and to 1.32.0 recently. so i guess one of these can go stable.

commit 7724838bfca3aec523c82232cfa717fc1eb38d3e
Author: Miroslav Šulc <fordfrog@gentoo.org>
Date:   Tue Feb 5 14:14:00 2019 +0100

    www-apps/mediawiki-1.32.0: bump
    
    Closes: https://bugs.gentoo.org/675186
    Package-Manager: Portage-2.3.59, Repoman-2.3.12
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

commit 294cc98f55c6c485070698177dd7f72f341cc058
Author: Miroslav Šulc <fordfrog@gentoo.org>
Date:   Tue Oct 23 18:35:38 2018 +0200

    www-apps/mediawiki: version bump per bug #611240
    
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11
Comment 5 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-04-14 02:15:26 UTC
@arches, please stabilize.
Comment 6 Agostino Sarubbo gentoo-dev 2019-04-14 10:24:10 UTC
amd64 stable
Comment 7 ernsteiswuerfel 2019-04-14 18:55:01 UTC
Looking good on ppc.

# cat mediawiki-637582.report 
USE tests started on So 14. Apr 19:45:51 CEST 2019

FEATURES=' test' USE='' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick mysql -postgres -sqlite -vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick -mysql postgres -sqlite -vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick mysql -postgres sqlite -vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='-imagemagick mysql postgres sqlite -vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick mysql -postgres -sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick -mysql postgres -sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='-imagemagick mysql postgres -sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick mysql postgres -sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='-imagemagick mysql -postgres sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick mysql -postgres sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='-imagemagick mysql postgres sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
USE='imagemagick mysql postgres sqlite vhosts' succeeded for =www-apps/mediawiki-1.32.0
Comment 8 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-04-20 02:23:13 UTC
(In reply to ernsteiswuerfel from comment #7)
> Looking good on ppc.
> 
> # cat mediawiki-637582.report 
> USE tests started on So 14. Apr 19:45:51 CEST 2019
> 
> FEATURES=' test' USE='' succeeded for =www-apps/mediawiki-1.32.0
> USE='imagemagick mysql -postgres -sqlite -vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick -mysql postgres -sqlite -vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick mysql -postgres sqlite -vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='-imagemagick mysql postgres sqlite -vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick mysql -postgres -sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick -mysql postgres -sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='-imagemagick mysql postgres -sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick mysql postgres -sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='-imagemagick mysql -postgres sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick mysql -postgres sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='-imagemagick mysql postgres sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0
> USE='imagemagick mysql postgres sqlite vhosts' succeeded for
> =www-apps/mediawiki-1.32.0

thanks!
Comment 9 Thomas Deutschmann gentoo-dev Security 2019-04-24 21:34:32 UTC
x86 stable
Comment 10 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-04-24 22:42:26 UTC
@maintainer, please drop vulnerable
Comment 11 Larry the Git Cow gentoo-dev 2019-04-25 06:51:32 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd1f071fcacf79be077e6f3845ac951aa0979651

commit fd1f071fcacf79be077e6f3845ac951aa0979651
Author:     Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2019-04-25 06:51:10 +0000
Commit:     Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2019-04-25 06:51:10 +0000

    www-apps/mediawiki-1.{27.3,31.1}: removed vulnerable (bug #637582)
    
    Bug: https://bugs.gentoo.org/637582
    Package-Manager: Portage-2.3.64, Repoman-2.3.12
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

 www-apps/mediawiki/Manifest                |  2 -
 www-apps/mediawiki/mediawiki-1.27.3.ebuild | 79 ----------------------------
 www-apps/mediawiki/mediawiki-1.31.1.ebuild | 82 ------------------------------
 3 files changed, 163 deletions(-)