• (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.
  • (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
  • (bug T74222) The original patch for T74222 was reverted as unnecessary.
  • Fixed a couple of entries in RELEASE-NOTES-1.24.
  • (bug T76168) OutputPage: Add accessors for some protected properties.
  • (bug T74834) Make 1.24 branch directly installable under PostgreSQL.

How to install

sudo dnf upgrade --advisory=FEDORA-2014-17278

This update has been submitted for testing by mooninite.

4 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22150/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22150/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

4 years ago

This update has been pushed to testing

4 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by mooninite.

4 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/23867/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

4 years ago

This update has been pushed to stable

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1175828 mediawiki: multiple vulnerabilities
0
0
BZ#1175829 mediawiki: multiple vulnerabilities [fedora-all]
0
0

Automated Test Results