Following security issue was fixed in upstream: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html * (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style> * elements; normalize style elements and attributes before filtering; add checks * for attributes that contain css; add unit tests for html5sec and reported * bugs. https://bugzilla.wikimedia.org/show_bug.cgi?id=69008
Created mediawiki tracking bugs for this issue: Affects: fedora-all [bug 1146516]
Created mediawiki119 tracking bugs for this issue: Affects: epel-all [bug 1146517]
MITRE assigned CVE-2014-7199 to this issue.
mediawiki-1.23.4-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
mediawiki-1.23.4-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
mediawiki-1.23.4-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
mediawiki119-1.19.20-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.