Download
| Alert*
oval:org.secpod.oval:def:601248
In the Mediawiki update issued as DSA 2891-1, a few files were missing from the package. This update corrects that problem. For reference, the original advisory text follows. Several vulnerabilities were discovered in MediaWiki, a wiki engine. The Common Vulnerabilities and Exposures project describ ... oval:org.secpod.oval:def:601251 The Mediawiki update issued as DSA 2891-1 caused regressions. This update fixes those problems. For reference the original advisory text follows. Several vulnerabilities were discovered in MediaWiki, a wiki engine. The Common Vulnerabilities and Exposures project describers the followin issues: CVE- ... oval:org.secpod.oval:def:601527 mediawiki-extensions is installed oval:org.secpod.oval:def:600933 Thorsten Glaser discovered that the RSSReader extension for mediawiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the mediawiki pages. |