Publishing details

Published on 2022-01-27

Changelog

mediawiki (1:1.31.7-1ubuntu0.1) focal-security; urgency=high

  * SECURITY UPDATE: Information leak and editing permissions bypass
    through various actions (LP: #1955352)
    - d/p/0002-SECURITY-Fix-permissions-checks-in-undo-action-CVE-2.patch:
      tighten and require edit checks on undo actions
    - d/p/0003-SECURITY-Require-read-right-for-most-actions.patch
      ensure "read" permission required on $wgWhitelistRead pages
    - CVE-2021-44858

 -- Kunal Mehta <email address hidden>  Sun, 19 Dec 2021 12:56:25 -0800

Available diffs

diff from 1:1.31.7-1 (in Debian) to 1:1.31.7-1ubuntu0.1 (2.6 KiB)

Builds

amd64

Built packages

mediawiki website engine for collaborative work

mediawiki-classes website engine for collaborative work - standalone classes

Package files

mediawiki-classes_1.31.7-1ubuntu0.1_all.deb (338.3 KiB)
mediawiki_1.31.7-1ubuntu0.1.debian.tar.xz (97.4 KiB)
mediawiki_1.31.7-1ubuntu0.1.dsc (2.4 KiB)
mediawiki_1.31.7-1ubuntu0.1_all.deb (21.8 MiB)
mediawiki_1.31.7.orig.tar.gz (33.6 MiB)
mediawiki_1.31.7.orig.tar.gz.asc (195 bytes)