FEDORA-2016-41820f4930

security update in Fedora 23 for python-wikitcms

Status: testing 2 years ago

This update contains a SECURITY fix for an issue with potentially serious consequences but very limited scope. If an administrator of a wiki you talked to using python-wikitcms were malicious, they could cause arbitrary code execution as the user running wikitcms. No-one besides a wiki administrator could do this, as it requires crafting the wiki's response to an edit request to include a malicious payload.

It also drops some now useless or unneeded code (due to changes in mediawiki and mwclient).

Comments 4

This update has been submitted for testing by adamwill.

adamwill edited this update.

New build(s):

  • python-wikitcms-2.1.10-1.fc23

Removed build(s):

  • python-wikitcms-2.1.9-1.fc23

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines
Is the update generally functional?
Content Type
RPM
Status
testing
Test Gating Status
Tests not running
Submitted by
Update Type
security
Update Severity
high
Karma
0
stable threshold: 2
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
modified 2 years ago

Automated Test Results

Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.