These flaws were fixed in the recently released MediaWiki 1.22.1, 1.21.4, and 1.19.10:

* MediaWiki user Michael M reported that the fix for bug 55332 (CVE-2013-4568) allowed insertion of escaped CSS values which could pass the CSS validation checks, resulting in XSS. (CVE-2013-6451)
  https://bugzilla.wikimedia.org/show_bug.cgi?id=58088

* Chris from RationalWiki reported that SVG files could be uploaded that include external stylesheets, which could lead to XSS when an XSL was used to include JavaScript. (CVE-2013-6452)
  https://bugzilla.wikimedia.org/show_bug.cgi?id=57550

* During internal review, it was discovered that MediaWiki's SVG sanitization could be bypassed when the XML was considered invalid. (CVE-2013-6453)
  https://bugzilla.wikimedia.org/show_bug.cgi?id=58553

* During internal review, it was discovered that MediaWiki's CSS sanitization did not filter -o-link attributes, which could be used to execute JavaScript in Opera 12. (CVE-2013-6454)
  https://bugzilla.wikimedia.org/show_bug.cgi?id=58472

* During internal review, it was discovered that MediaWiki displayed some information about deleted pages in the log API, enhanced RecentChanges, and user watchlists. (CVE-2013-6472)
  https://bugzilla.wikimedia.org/show_bug.cgi?id=58699

References:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html
https://bugs.gentoo.org/show_bug.cgi?id=498064
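The escaped-CSS issue (CVE-2013-6451) and the -o-link issue (CVE-2013-6454) listed above both come down to the same sanitizer property: the blocklist check has to run over the decoded, comment-free form of a style value, not over the raw string, and the list has to include vendor properties that can load a URL. The following Python sketch is added here as an illustration of that approach; it is not MediaWiki's Sanitizer code, and the function names (decode_css_escapes, check_css), the forbidden-token list and the sample style strings are assumptions made for the example.

```python
import re

# A CSS escape is a backslash followed by 1-6 hex digits and an optional single
# whitespace character, or a backslash followed by any other non-newline character.
_CSS_ESCAPE = re.compile(
    r'\\(?:([0-9a-fA-F]{1,6})[ \t\n\f\r]?|([^\n\r\f0-9a-fA-F]))'
)

# Constructs that must not appear in an inline style once it is normalised.
# The -o-link/-o-link-source pair is the Opera 12 vector from CVE-2013-6454.
# The list itself is an assumption for this example, not MediaWiki's.
_FORBIDDEN = re.compile(
    r'expression\s*\('                         # IE dynamic properties
    r'|(?:url|image|image-set|attr)\s*\('      # external fetches / attribute reads
    r'|-o-link(?:-source)?\s*:'                # Opera 12 link properties
    r'|-moz-binding\s*:|behavior\s*:'          # XBL / HTC behaviours
    r'|@import|javascript\s*:'
)


def decode_css_escapes(value: str) -> str:
    """Replace CSS backslash escapes with the characters they denote."""
    def repl(m: re.Match) -> str:
        if m.group(1) is not None:
            cp = int(m.group(1), 16)
            # NUL, surrogates and out-of-range code points decode to U+FFFD.
            if cp == 0 or cp > 0x10FFFF or 0xD800 <= cp <= 0xDFFF:
                return '\ufffd'
            return chr(cp)
        return m.group(2)
    return _CSS_ESCAPE.sub(repl, value)


def normalize_css(value: str) -> str:
    """Decode escapes, drop comments and collapse whitespace/control characters."""
    decoded = decode_css_escapes(value)
    without_comments = re.sub(r'/\*.*?\*/', '', decoded, flags=re.S)
    return re.sub(r'[\x00-\x20]+', ' ', without_comments).lower()


def check_css(style: str) -> bool:
    """Return True if the inline style is acceptable, False if it must be dropped."""
    norm = normalize_css(style)
    # An unterminated comment or a leftover backslash means tokenisation is
    # ambiguous; reject rather than guess how a browser would recover.
    if '/*' in norm or '\\' in norm:
        return False
    return _FORBIDDEN.search(norm) is None


# Constructed sample style attributes (not taken from any real wiki) and the
# verdict each one should get.
SAMPLES = {
    "color: red; font-weight: bold": True,
    "width: 10\\70 x": True,                                   # \70 -> 'p', so 10px
    "background: url(javascript:alert(1))": False,
    "background: \\75 rl(javascript:alert(1))": False,         # \75 -> 'u', so url(
    "-o-link: 'javascript:alert(1)'; -o-link-source: current": False,
    "-o-li\\6e k: 'javascript:alert(1)'": False,               # \6e -> 'n', so -o-link:
    "color: red /* unterminated": False,
}


def run_samples() -> dict:
    """Map each sample to (expected, actual) so a caller can spot mismatches."""
    return {s: (expected, check_css(s)) for s, expected in SAMPLES.items()}


if __name__ == "__main__":
    for style, (expected, actual) in run_samples().items():
        print(f"{'OK ' if expected == actual else 'BAD'} {str(actual):5} {style}")
```

The ordering is the point: decoding before matching is what defeats `\75 rl(` and `-o-li\6e k:`, and a sanitizer of this kind should prefer false rejections (an unterminated comment, a stray backslash) over trying to mimic a browser's error recovery. It says nothing about the two SVG issues above, which need checks at the XML level (external stylesheet references, and not trusting what a parser recovers from invalid input) rather than on style values.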
Created mediawiki119 tracking bugs for this issue:

Affects: epel-6 [bug 1052965]
This issue was addressed in Fedora 19 via the following advisory:
https://admin.fedoraproject.org/updates/FEDORA-2014-0803/mediawiki-1.21.4-1.fc19

This issue was addressed in Fedora 20 via the following advisory:
https://admin.fedoraproject.org/updates/FEDORA-2014-0861/mediawiki-1.21.4-1.fc20

This issue was addressed in epel 6 via the following advisory:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0166/mediawiki119-1.19.10-1.el6