Bug 465734 (CVE-2008-4408)
Summary: | CVE-2008-4408 mediawiki: XSS via the useskin parameter | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | axel.thimm, ian, roozbeh, smooge |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4408 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-10-08 13:58:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Tomas Hoger
2008-10-06 07:22:48 UTC
mediawiki-1.13.2-41.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. mediawiki-1.13.2-40.99.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. Why didn't bodhi close this automatically? Because it treats bugs filed against 'Security Response' product in a special way. Those bugs are used to track security issues across all "products", both Fedora and Red Hat products, so bodhi currently does not have a good way to know if there is still some product where this flaw needs to be addressed. So it's intentional. This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F8/FEDORA-2008-8678 https://admin.fedoraproject.org/updates/F9/FEDORA-2008-8639 |