{"id":"MGASA-2014-0113","summary":"Updated mediawiki packages fix security vulnerabilities","details":"MediaWiki user Michael M reported that the fix for CVE-2013-4568 allowed\ninsertion of escaped CSS values which could pass the CSS validation checks,\nresulting in XSS (CVE-2013-6451).\n\nChris from RationalWiki reported that SVG files could be uploaded that\ninclude external stylesheets, which could lead to XSS when an XSL was used\nto include JavaScript (CVE-2013-6452).\n\nDuring internal review, it was discovered that MediaWiki's SVG sanitization\ncould be bypassed when the XML was considered invalid (CVE-2013-6453).\n\nDuring internal review, it was discovered that MediaWiki displayed some\ninformation about deleted pages in the log API, enhanced RecentChanges, and\nuser watchlists (CVE-2013-6472).\n\nNetanel Rubin from Check Point discovered a remote code execution\nvulnerability in MediaWiki's thumbnail generation for DjVu files. Internal\nreview also discovered similar logic in the PdfHandler extension, which\ncould be exploited in a similar way (CVE-2014-1610).\n\nMediaWiki has been updated to version 1.22.2, which fixes these issues, as\nwell as several others.\n\nAlso, the mediawiki-ldapauthentication and mediawiki-math extensions have\nbeen updated to newer versions that are compatible with MediaWiki 1.22.\n\nAdditionally, the mediawiki-graphviz extension has been obsoleted, due to\nthe fact that it is unmaintained upstream and is vulnerable to cross-site\nscripting attacks.\n\nNote: if you were using the \"instances\" feature in these packages to\nsupport multiple wiki instances, this feature has now been removed.  You\nwill need to maintain separate wiki instances manually.\n","modified":"2026-04-16T06:22:54.196807544Z","published":"2014-03-02T20:53:30Z","upstream":["CVE-2013-6451","CVE-2013-6452","CVE-2013-6453","CVE-2013-6472","CVE-2014-1610"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0113.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12337"},{"type":"WEB","url":"http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html"},{"type":"WEB","url":"http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000140.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127027.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/127948.html"},{"type":"WEB","url":"http://www.mediawiki.org/wiki/Extension:GraphViz"}],"affected":[{"package":{"name":"mediawiki","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mediawiki?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.2-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0113.json"}},{"package":{"name":"mediawiki-ldapauthentication","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mediawiki-ldapauthentication?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0f-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0113.json"}},{"package":{"name":"mediawiki-math","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mediawiki-math?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0113.json"}},{"package":{"name":"mediawiki","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/mediawiki?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.2-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0113.json"}},{"package":{"name":"mediawiki-ldapauthentication","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/mediawiki-ldapauthentication?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0f-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0113.json"}},{"package":{"name":"mediawiki-math","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/mediawiki-math?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0113.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}