As reported: A flaw was found in mediawiki. When a log event is (partially) hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information. Upstream bug: https://phabricator.wikimedia.org/T187638 References: https://lists.wikimedia.org/pipermail/mediawiki-announce/2018-September/000223.html
Created mediawiki tracking bugs for this issue: Affects: fedora-all [bug 1634170]
Updating affected products; mediawiki-123 is the container name, mediawiki123 is the package name.
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.10 Via RHSA-2019:3238 https://access.redhat.com/errata/RHSA-2019:3238
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-0504
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 3.9 Via RHSA-2019:3813 https://access.redhat.com/errata/RHSA-2019:3813