Bug 1170030 (CVE-2014-9507) - CVE-2014-9507 CVE-2014-9277 mediawiki: security issues fixed in the 1.23.7, 1.22.14, and 1.19.22 releases
Summary: CVE-2014-9507 CVE-2014-9277 mediawiki: security issues fixed in the 1.23.7, 1...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-9507
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1170031
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-12-03 04:44 UTC by Murray McAllister
Modified: 2019-09-29 13:24 UTC (History)
4 users (show)

Fixed In Version: mediawiki 1.23.7, mediawiki 1.22.14, mediawiki 1.19.22
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-05-27 20:57:34 UTC
Embargoed:


Attachments (Terms of Use)

Description Murray McAllister 2014-12-03 04:44:08 UTC
The MediaWiki 1.23.7, 1.22.14, and 1.19.22 releases fix a number of security flaws:

https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-November/000170.html

The fixed versions are already in Fedora and EPEL 6 testing.

Comment 1 Murray McAllister 2014-12-03 04:44:45 UTC
Created mediawiki119 tracking bugs for this issue:

Affects: epel-5 [bug 1170031]

Comment 2 Martin Prpič 2014-12-04 09:57:28 UTC
CVE request: http://seclists.org/oss-sec/2014/q4/886

Comment 3 Martin Prpič 2014-12-05 13:16:04 UTC
MITRE assigned CVE-2014-9276 and CVE-2014-9277 to these issues:

http://seclists.org/oss-sec/2014/q4/905

Comment 5 Vasyl Kaigorodov 2015-01-06 14:51:23 UTC
MITRE has assigned CVE-2014-9507 to the following issue:

MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and
1.23.x before 1.23.7, when $wgContentHandlerUseDB is enabled, allows
remote attackers to conduct cross-site scripting (XSS) attacks by
setting the content model for a revision to JS.

Reference: CONFIRM:https://phabricator.wikimedia.org/T72901

Comment 6 Patrick Uiterwijk 2015-05-27 20:57:34 UTC
Fixed previously


Note You need to log in before you can comment on or make changes to this bug.