1. Home
  2. Security Advisories
  3. Gentoo
  4. GLSA-202107-40

[GLSA-202107-40] MediaWiki: Multiple vulnerabilities

Severity Low
Affected Packages 1
Unaffected Packages 1
CVEs 8
Info Packages References Vulnerabilities

Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in a Denial of Service condition.

Background
MediaWiki is a collaborative editing software used by large projects
such as Wikipedia.

Description
Multiple vulnerabilities have been discovered in MediaWiki. Please
review the CVE identifiers referenced below for details.

Impact
Please review the referenced CVE identifiers for details.

Workaround
There is no known workaround at this time.

Resolution
All MediaWiki users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.36.1"

Package Affected Version
pkg:ebuild/www-apps/mediawiki?distro=gentoo < 1.36.1
Package Unaffected Version
pkg:ebuild/www-apps/mediawiki?distro=gentoo >= 1.36.1
ID
GLSA-202107-40
Severity
low
URL
https://security.gentoo.org/glsa/202107-40
Published
2021-07-17T00:00:00
(3 years ago)
Modified
2021-07-17T00:00:00
(3 years ago)
Rights
Gentoo Foundation, Inc.
Other Advisories
Source # ID Name URL
CVE CVE-2021-30152 CVE-2021-30152 https://nvd.nist.gov/vuln/detail/CVE-2021-30152
CVE CVE-2021-30154 CVE-2021-30154 https://nvd.nist.gov/vuln/detail/CVE-2021-30154
CVE CVE-2021-30155 CVE-2021-30155 https://nvd.nist.gov/vuln/detail/CVE-2021-30155
CVE CVE-2021-30157 CVE-2021-30157 https://nvd.nist.gov/vuln/detail/CVE-2021-30157
CVE CVE-2021-30158 CVE-2021-30158 https://nvd.nist.gov/vuln/detail/CVE-2021-30158
CVE CVE-2021-30159 CVE-2021-30159 https://nvd.nist.gov/vuln/detail/CVE-2021-30159
CVE CVE-2021-30458 CVE-2021-30458 https://nvd.nist.gov/vuln/detail/CVE-2021-30458
CVE CVE-2021-35197 CVE-2021-35197 https://nvd.nist.gov/vuln/detail/CVE-2021-35197
Bugzilla 780654 Bugzilla #780654 https://bugs.gentoo.org/show_bug.cgi?id=780654
Bugzilla 797661 Bugzilla #797661 https://bugs.gentoo.org/show_bug.cgi?id=797661
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:ebuild/www-apps/mediawiki?distro=gentoo www-apps mediawiki < 1.36.1 gentoo
Unaffected pkg:ebuild/www-apps/mediawiki?distro=gentoo www-apps mediawiki >= 1.36.1 gentoo
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date