-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2847-1 [email protected] https://www.debian.org/lts/security/ Moritz Muehlenhoff December 15, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : mediawiki Version : 1:1.27.7-1+deb9u11 CVE ID : CVE-2021-44858 A security issue was discovered in MediaWiki, a website engine for collaborative work: Missing validation in the mcrundo action may allow allow an attacker to leak page content from private wikis or to bypass edit restrictions. For additional information please refer to https://www.mediawiki.org/wiki/2021-12_security_release/FAQ For Debian 9 stretch, this problem has been fixed in version 1:1.27.7-1+deb9u11. We recommend that you upgrade your mediawiki packages. For the detailed security status of mediawiki please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mediawiki Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmG6SM4ACgkQEMKTtsN8 TjY+WA/7Bmk+zIS5SDNFiz3WhZe8AVe0zf4e89y4MoGD1mnPfUNjSQrnc6u7v/5y 6JE5Pz+hj0XVyp7SxB3+aVMKv2REt+DlGXVXckhESm2MTHnYcPOnmVBrVnBLQZtj hAM+tyFwMn0s6mEFblI38c0z4G6p38TIl5bLSBdCVTpOz80mgMekoIt10m51BOEW FWsOYWGPjzgZIU2/FmMjZpdIOFft7EHxuMZv5lQ7wmFX3JifhjU2hYlShgZNpVwW cxLYZ/RhXF4ptnlRvQOhk+wcFcmw/W9HfoCHB9Asijn0Fuxl8RPpx7LBSRY3Ao+J 07W2m0LbhVIvnbT83YyB2YNtddY/CkPH0aS574xHEfJ3Q4xjLdNC/LK7S9oKXoYI wQaWnMEUhMIk6JsWJ4tTFWkGg22T2lbEJCqwdYvQoqiq+LdfUpFa9FN3PLeVl/lC qTi1nrMI0PuyBGKr5UUWltQpaP14dJrGXgvvqZqvefnSqy9j8f64Uy/iAPRRWjoL IeD8lLtgYY83X1bakjEK5EL3ACFHK+dxuRtES48fkMXw7QzutyKQwqeo0BxYyL6G 2et34200NU+yMQld+QARWIg9m5fhZFUYWj160LdiN9XA84XuFgJ8WHtvkaRWS7Ri 8HLUZdWR8bYwl7iUk4Z6180+PO9/2HTxerkAHKklvMvCg3WKx6Y= =GNb2 -----END PGP SIGNATURE-----
