1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2014-9583

[FEDORA-2014-9583] Fedora 20: mediawiki

Severity High
Affected Packages 1
CVEs 10
Info Packages References Vulnerabilities

This is a major update from the 1.21 branch to the 1.23 long term support branch.

  • (bug 68187) SECURITY: Prepend jsonp callback with comment. - CVE-2014-5241
  • (bug 66608) SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in Javascript,instead of relying on the URL in the link that has been clicked. - CVE-2014-5242
  • (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and ParserOutput. - CVE-2014-5243
Package Affected Version
pkg:rpm/fedora/mediawiki?distro=fedora-20 < 1.23.2.1.fc20
ID
FEDORA-2014-9583
Severity
high
Severity from
CVE-2013-6453
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2014-9583
Published
2014-08-27T01:34:20
(10 years ago)
Modified
2014-08-27T01:34:20
(10 years ago)
Rights
Copyright 2014 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 1125111 Bug #1125111 - CVE-2014-5241,CVE-2014-5242,CVE-2014-5243 mediawiki: security issues fixed in the 1.19.18, 1.22.9, and 1.23.2 releases https://bugzilla.redhat.com/show_bug.cgi?id=1125111
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/mediawiki?distro=fedora-20 fedora mediawiki < 1.23.2.1.fc20 fedora-20
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date