[Secure-testing-team] Bug#655694: mediawiki: cache poison vulnerability

Jonathan Wiltshire jmw at debian.org
Fri Jan 13 09:38:45 UTC 2012


Package: mediawiki
Version: 1:1.15.5
Severity: important
Tags: security

CVE-2012-0046 describes a cache poison vulnerability.

Roan Kattouw discovered an issue with the API, where prop=revisions would
expose deleted text to unprivileged users through cache pollution.

Refs: 
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-January/000107.html
https://bugzilla.wikimedia.org/show_bug.cgi?id=33117



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages mediawiki depends on:
ii  apache2                      2.2.21-5
ii  apache2-mpm-prefork [httpd]  2.2.21-5
ii  debconf [debconf-2.0]        1.5.41
ii  mime-support                 3.51-1
ii  php5                         5.3.8.0-1
ii  php5-mysql                   5.3.8.0-1+b1
ii  php5-pgsql                   5.3.8.0-1+b1
ii  php5-sqlite                  5.3.8.0-1+b1

Versions of packages mediawiki recommends:
ii  mysql-server                     5.1.58-1
ii  mysql-server-5.1 [mysql-server]  5.1.58-1
ii  php5-cli                         5.3.8.0-1+b1

Versions of packages mediawiki suggests:
ii  clamav          0.97.3+dfsg-2
ii  imagemagick     8:6.6.9.7-5+b2
ii  mediawiki-math  <none>
ii  memcached       <none>
ii  php5-gd         5.3.8.0-1+b1

-- Configuration Files:
/etc/mediawiki/apache.conf changed [not included]

-- debconf information excluded





More information about the Secure-testing-team mailing list