From 2cddd60bde018a03f1ad34f1b8295a74c2712156 Mon Sep 17 00:00:00 2001 From: Lev Lamberov Date: Fri, 3 Apr 2020 12:03:24 +0500 Subject: [SECURITY] [DSA 4651-1] mediawiki security update --- english/security/2020/dsa-4651.data | 13 +++++++++++++ english/security/2020/dsa-4651.wml | 21 +++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 english/security/2020/dsa-4651.data create mode 100644 english/security/2020/dsa-4651.wml diff --git a/english/security/2020/dsa-4651.data b/english/security/2020/dsa-4651.data new file mode 100644 index 00000000000..793fde87a88 --- /dev/null +++ b/english/security/2020/dsa-4651.data @@ -0,0 +1,13 @@ +DSA-4651-1 mediawiki +2020-4-02 +CVE-2020-10960 +mediawiki +yes +yes +no + +#use wml::debian::security + + + + diff --git a/english/security/2020/dsa-4651.wml b/english/security/2020/dsa-4651.wml new file mode 100644 index 00000000000..bb14b9c28fa --- /dev/null +++ b/english/security/2020/dsa-4651.wml @@ -0,0 +1,21 @@ +security update + +

It was discovered that some user-generated CSS selectors in MediaWiki, a +website engine for collaborative work, were not escaped.

+ +

The oldstable distribution (stretch) is not affected.

+ +

For the stable distribution (buster), this problem has been fixed in +version 1:1.31.7-1~deb10u1.

+ +

We recommend that you upgrade your mediawiki packages.

+ +

For the detailed security status of mediawiki please refer to +its security tracker page at: +\ +https://security-tracker.debian.org/tracker/mediawiki

+ + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4651.data" +# $Id: $ -- cgit v1.2.3