sudo dnf upgrade --advisory=FEDORA-2021-bef1126908
This update has been submitted for testing by mooninite.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
Thx for the update @mooninite,
can You comment on those CVEs? AFAIK 1.36.3 fixes
For the vulns listed under 'bugs' for this update there are some patches available, but I'm not sure if they made it to 1.36.3 in time:
Can You clarify which set of vulns is fixed with this update?
@bynt, the bug report CVEs are for MediaWiki extensions that are not shipped as part of our package.
Example: CVE-2021-45474 is against the 'FileImporter' extension.
CVE-2021-45472 and CVE-2021-45473 - are against the 'Wikibase' extension.
CVE-2021-45471 is against the 'EntitySchema' extension.
OK, thanks for clarifying. We process Fedora's Security Updates primarily based on CVEs listed under 'Bugs', so that info helps. Plus I understand the Wikimedia phabricator listing better now. tyvm!
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
Please login to add feedback.
Confirm request to re-trigger tests.
Copyright © 2007-2019 Red Hat, Inc. and
bodhi is Free Software.
if you have any problems. Read the documentation.