Fedora Linux 8811 Published by

A mediawiki security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: mediawiki-1.36.3-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-bef1126908
2022-01-08 01:18:41.488431
--------------------------------------------------------------------------------

Name : mediawiki
Product : Fedora 35
Version : 1.36.3
Release : 1.fc35
URL :   https://www.mediawiki.org/
Summary : A wiki engine
Description :
MediaWiki is the software used for Wikipedia and the other Wikimedia
Foundation websites. Compared to other wikis, it has an excellent
range of features and support for high-traffic websites using multiple
servers

This package supports wiki farms. Read the instructions for creating wiki
instances under /usr/share/doc/mediawiki/README.RPM.
Remember to remove the config dir after completing the configuration.

--------------------------------------------------------------------------------
Update Information:

  https://www.mediawiki.org/wiki/Release_notes/1.36#MediaWiki_1.36.3
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 29 2021 Michael Cronenworth - 1.36.3-1
- Update to 1.36.3
-   https://www.mediawiki.org/wiki/Release_notes/1.36#MediaWiki_1.36.3
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2036080 - CVE-2021-45471 mediawiki: blocked IP addresses are allowed to edit EntitySchema items [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2036080
[ 2 ] Bug #2036083 - CVE-2021-45472 mediawiki: XSS in Wikibase using formatter URL [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2036083
[ 3 ] Bug #2036088 - CVE-2021-45473 mediawiki: XSS on page information Wikibase central description [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2036088
[ 4 ] Bug #2036090 - CVE-2021-45474 mediawiki: XSS in Special:ImportFile URL [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2036090
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-bef1126908' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________