it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5651-1] mediawiki security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5651-1] mediawiki security update
Date: Sun, 31 Mar 2024 19:13:32 +0000
List-archive: https://lists.debian.org/msgid-search/Zgm13Ajw4fIaLt2U AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=3cKzIzTnN7cyDoPP5/SCi11j4zoSWRmuPTxt19aV0Zg=; b=Kd olHoBD1N5Bxv0fhE2cC0qVVQPOHT5hPeV01+KON1QYBC52EurffwjlB2dxboKNDbFaRJ/3J6RfYMM ctLW3Cg3gKPjzceArwGt8aGA0yzD1uZjKQNIJuGbXCW2ABlFqGZLpTZQU/KMd6ozHI0cgPMpr8jCi FyLS8G8WYHH7tNu4aapOUZ2D0MsLGoRKE0MO44SFk00gMoH8g6uudlm50RWOnCJHDN12T4oaJJM9C z2Ax6F1TzVv0HXX98AsK+HMFv/zMzX8neUirjDcq9sUCEPfFpvVujW/ROnHIyU08y2JdIPVteb8D2 4OqEoQiq2a96u35MudgpjFVOUIpsYxHg==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Sun, 31 Mar 2024 19:14:00 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <ELoQZiGGgjM.A.7NC.4XbCmB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5651-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 31, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : mediawiki
CVE ID : not yet available

Two security issues were discovered in MediaWiki, a website engine for
collaborative work, which could result in cross-site scripting or denial
of service.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1:1.35.13-1+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in
version 1:1.39.7-1~deb12u1.

We recommend that you upgrade your mediawiki packages.

For the detailed security status of mediawiki please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mediawiki

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYJtD4ACgkQEMKTtsN8
TjZxJA//c0hvMWL9Z5zN5rxn3K+Zc6SL9EjbOsWuOcpGWInkdNGKFL1ohLsoWKo5
tZRA/KuGv9LNMJU/StYbb10s7yuSsHWnJ3/DXXs7LV9voOam4SCyOQoSQ1/VOL2I
pdzycN9algbPXxMUYTu9NA1ogSFrjLvdFDpcEmzl2bnhlVLV554a1DeLY7S9PFyH
7Z89KbcDq/SJg1qXArvUNyCPnfdEAdfJgzuOoFECGDOwloFEy89zShZK03FiylJ+
o0kGzDOk0Knk9cE1vkdLlDVpBg9YaQpA9S4Pv6dCEQm3TYvFPqX6sbeO0l7cX8TL
KntrON2ElMrATzV2o269RuB7CLoIX4KIIG61pEkWDM/ZAvzvPox8XbZqgnNVZiBZ
c02SXuvJ0W0HsBhh5mHHSGznWXvh6DxD/pVWR4+TWzs4Il/vdfCStMu8Oaw1Bjnq
sJkIgHK3SSGIuxfMYGsiJZ4eK40fJ6+v7b7m2mtaHgpSEgCZyn0dtr70OwkH0slr
7BTpwnWQ/1svGB2aPQ82Wip+dJuap/xRI60tnbT8ipM17Vq8ECeL65ef4R+Atf6L
4cC7TQCMXI66XU/ZYSUpiOs2qYDI9aqzT90EgyQkRnJbbIh4xDd3mqSFIxXVR4d/
J5poHPiVo9Gr8LVldyfDNa2OCdxhJ74DyY+qkgaH43Yb0CmFEak=
=YhNf
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5651-1] mediawiki security update, Moritz Muehlenhoff, 31.03.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.