Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
mediawiki (Ubuntu) | Invalid | Undecided | Unassigned |
Dapper | Won't Fix | Undecided | Unassigned |
Gutsy | Won't Fix | Undecided | Unassigned |
Hardy | Fix Released | Undecided | Unassigned |
Intrepid | Fix Released | Undecided | Unassigned |
Jaunty | Invalid | Undecided | Unassigned |

Bug Description
Binary package hint: mediawiki
Multiple security problems found and fixed by upstream[0]:
* An XSS vulnerability affecting all MediaWiki installations between
1.13.0 and 1.13.2. [CVE-2008-5249]
* A local script injection vulnerability affecting Internet Explorer
clients for all MediaWiki installations with uploads enabled.
[CVE-2008-5250]
* A local script injection vulnerability affecting clients with SVG
scripting capability (such as Firefox 1.5+), for all MediaWiki
installations with SVG uploads enabled. [CVE-2008-5250]
* A CSRF vulnerability affecting the Special:Import feature, for all
MediaWiki installations since the feature was introduced in 1.3.0.
[CVE-2008-5252]
* Since 1.11, by default, MediaWiki stores a backup of deleted images
in the images/deleted directory. If you do not want these images to be publicly
accessible, make sure this directory is not accessible from the web. MediaWiki takes
some steps to avoid leaking these images, but these measures are not perfect.
[0] http://
The version in jaunty (1.13.3) already addresses these issues.
Changed in mediawiki:
assignee: nobody → andreas-wenning
status: New → In Progress
Changed in mediawiki:
status: New → In Progress
Changed in mediawiki:
status: In Progress → Fix Committed
Changed in mediawiki:
status: New → Confirmed
status: New → Confirmed
status: New → Fix Committed
status: New → Fix Committed
Changed in mediawiki:
status: Fix Committed → Invalid
Here is a debdiff for intrepid addressing these issues.