Bug 773736 (CVE-2012-0046)

Summary: CVE-2012-0046 mediawiki: prop=revisions allows deleted text to be exposed through cache pollution
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: axel.thimm, smooge
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-04-03 18:24:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 773741, 773742    
Bug Blocks:    

Description Vincent Danen 2012-01-12 18:22:23 UTC 
MediaWiki 1.17.2 and 1.18.1 were released to correct a security flaw in its API where prop=revisions would expose deleted text to unprivileged users through cache pollution.

MediaWiki 1.16 is no longer supported upstream, but this flaw does seem to affect that version, as per the code changes (r108682).

References:

https://www.mediawiki.org/wiki/Special:Code/MediaWiki/108682
https://bugzilla.wikimedia.org/show_bug.cgi?id=33117
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_17_2/phase3/RELEASE-NOTES
Comment 1 Vincent Danen 2012-01-12 18:37:51 UTC 
Created mediawiki tracking bugs for this issue

Affects: fedora-all [bug 773741]
Comment 2 Vincent Danen 2012-01-12 18:37:54 UTC 
Created mediawiki116 tracking bugs for this issue

Affects: epel-all [bug 773742]
Comment 3 Vincent Danen 2012-01-13 16:56:36 UTC 
This has been assigned the name CVE-2012-0046:

http://www.openwall.com/lists/oss-security/2012/01/12/8