Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 12 Aug 2015 06:07:55 -0700
From: Chris Steipp <>
Subject: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10

Hi, the following issues were patched in MediaWiki and extensions this
week. Can we get CVE's assigned?

* Internal review discovered that Special:DeletedContributions did not
properly protect the IP of autoblocked users. This fix makes the
functionality of Special:DeletedContributions consistent with
Special:Contributions and Special:BlockList.

* Internal review discovered that watchlist anti-csrf tokens were not being
compared in constant time, which could allow various timing attacks. This
could allow an attacker to modify a user's watchlist via csrf.

* John Menerick reported that MediaWiki's thumb.php failed to sanitize
various error messages, resulting in xss.

* Extension:SemanticForms - MediaWiki user Grunny discovered multiple
reflected xss vectors in SemanticForms. Further internal review discovered
and fixed other reflected and stored xss vectors.

* Extension:SyntaxHighlight_GeSHi - xss and potential DoS vectors. Internal
review discovered that the contib directory for GeSHi was re-included in
MediaWiki 1.25. Some scripts could be potentially be used for DoS, and DAU
Huy Ngoc discovered an xss vector. All contrib scripts have been removed.

* Extension:TimedMediaHandler - User:McZusatz reported that resetting
transcodes deleted the transcode without creating a new one, which could be
used for vandalism or potentially DoS.

* Extension:Quiz - Internal review discovered that Quiz did not properly
escape regex metacharacters in a user controlled regular expression,
enabling a DoS vector.

* Extension:Widgets - MediaWiki developer Majr reported a potential HTML
injection (xss) vector.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ