1.15.2 security update released; CSS validation issue

Bug #537974 reported by Andreas Wenning
Affects             Status        Importance  Assigned to  Milestone
mediawiki (Ubuntu)  Fix Released  Undecided   Unassigned
  Hardy             Fix Released  Undecided   Unassigned
  Intrepid          Fix Released  Undecided   Unassigned
  Jaunty            Fix Released  Undecided   Unassigned
  Karmic            Fix Released  Undecided   Unassigned
  Lucid             Fix Released  Undecided   Unassigned

Bug Description

Binary package hint: mediawiki

From the release notes:
A CSS validation issue was discovered which allows editors to display
external images in wiki pages. This is a privacy concern on public
wikis, since a malicious user may link to an image on a server they
control, which would allow that attacker to gather IP addresses and
other information from users of the public wiki. All sites running
publicly-editable MediaWiki installations are advised to upgrade. All
versions of MediaWiki (prior to this one) are affected.

Apart from the security issue, a number of other bug-fixes are also included in the release. Looking through the release notes, it is purely bugfix updates (and an import of improved translations):
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_15_2/phase3/?view=log
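The validation failure described in the release notes, as an added illustration that is not from the bug report or from MediaWiki's own Sanitizer code: a validator that only looks for the literal text `url(` in a style value misses the same remote reference once CSS comments or escape sequences are involved, whereas one that normalises the value first (strip comments, decode escapes) and then refuses anything that can fetch a remote resource or run script catches every constructed sample. The sample strings and the `tracker.example` host are constructed for this example; the patterns rejected are an assumption about what a hardened validator should refuse, not a description of upstream revision 63429.

```python
import re

# Constructed sample style-attribute values (not from the bug report or from
# MediaWiki's own test suite). The second element says whether a correct
# validator must reject the value.
SAMPLE_STYLES = [
    ("color: red; font-weight: bold", False),
    ("background: url(http://tracker.example/pixel.png)", True),
    ("background: url/**/(http://tracker.example/pixel.png)", True),
    ("background: u\\72 l(http://tracker.example/pixel.png)", True),
    ("width: expression(document.title)", True),
]

_COMMENT_RE = re.compile(r"/\*.*?\*/", re.DOTALL)
# CSS escape: backslash + 1-6 hex digits (optional trailing space), or backslash + any char.
_ESCAPE_RE = re.compile(r"\\([0-9a-fA-F]{1,6})\s?|\\(.)", re.DOTALL)
# Constructs that can fetch a remote resource or run script from a style value
# (assumed deny-list for this example).
_FORBIDDEN_RE = re.compile(
    r"(?:url|expression)\s*\(|@import|-moz-binding|behavior\s*:", re.IGNORECASE
)


def naive_rejects(style: str) -> bool:
    """The kind of check that fails: it only ever sees the literal text 'url('."""
    return "url(" in style.lower()


def normalize_css(style: str) -> str:
    """Strip comments, then decode escapes, so a token cannot be split or hidden."""
    without_comments = _COMMENT_RE.sub("", style)

    def _decode(match):
        if match.group(1):
            return chr(int(match.group(1), 16))
        return match.group(2)

    return _ESCAPE_RE.sub(_decode, without_comments)


def hardened_rejects(style: str) -> bool:
    """Reject a style value if, after normalisation, it can reference an external resource.

    Fails closed on anything that still looks like a comment opener or an escape
    after normalisation: a browser would not read those the way the checker does.
    """
    normalized = normalize_css(style)
    if "/*" in normalized or "\\" in normalized:
        return True
    return bool(_FORBIDDEN_RE.search(normalized))


def audit(samples=SAMPLE_STYLES):
    """Run both checks over the samples; returns (style, naive, hardened, expected) rows."""
    return [(s, naive_rejects(s), hardened_rejects(s), expected) for s, expected in samples]


if __name__ == "__main__":
    for style, naive, hardened, expected in audit():
        verdict = "OK " if hardened == expected else "BAD"
        print(f"{verdict} naive={naive!s:5} hardened={hardened!s:5}  {style}")
```

Running the block prints one row per sample; the naive check lets three of the four unsafe samples through, the normalising check rejects all four and still accepts the harmless declaration.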

visibility: private → public
Changed in mediawiki (Ubuntu Hardy):
status: New → In Progress
Changed in mediawiki (Ubuntu Intrepid):
status: New → In Progress
Changed in mediawiki (Ubuntu Jaunty):
status: New → In Progress
Changed in mediawiki (Ubuntu Karmic):
status: New → In Progress
Changed in mediawiki (Ubuntu Lucid):
status: New → In Progress
Changed in mediawiki (Ubuntu Lucid):
status: In Progress → Fix Committed
Andreas Wenning (andreas-wenning) wrote :

This debdiff fixes the security issue for karmic. Package has been built and tested in a karmic chroot.

Andreas Wenning (andreas-wenning) wrote :

This debdiff fixes the security issue for jaunty. Package has been built and tested in a jaunty chroot.

Andreas Wenning (andreas-wenning) wrote :

This debdiff fixes the security issue for intrepid. Package has been built and tested in an intrepid chroot.

Andreas Wenning (andreas-wenning) wrote :

This debdiff fixes the security issue for hardy. Package has been built and tested in a hardy chroot.

Changed in mediawiki (Ubuntu Karmic):
status: In Progress → Confirmed
Changed in mediawiki (Ubuntu Jaunty):
status: In Progress → Confirmed
Changed in mediawiki (Ubuntu Intrepid):
status: In Progress → Confirmed
Changed in mediawiki (Ubuntu Hardy):
status: In Progress → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu1

---------------
mediawiki (1:1.15.1-1ubuntu1) lucid; urgency=low

  * SECURITY UPDATE: CSS validation issue allowing external images to be included
    into wikis where that is disallowed by conf. (LP: #537974)
    - debian/patches/CSS-no-CVE_rev-63429.patch
    - patch from upstream SVN rev. 63429
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - debian/patches/DataLeakage-no-CVE_rev-63436.patch
    - patch from upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
 -- Andreas Wenning <email address hidden> Fri, 12 Mar 2010 12:06:25 +0100

Changed in mediawiki (Ubuntu Lucid):
status: Fix Committed → Fix Released
Andreas Wenning (andreas-wenning) wrote :

A small regression in the last hardy upload was found in bug 539697. Here is a new version of the above patch fixing the regression at the same time, if we can integrate it like this.

Andreas Wenning (andreas-wenning) wrote :

Same regression present in the intrepid package; fix follows.

Andreas Wenning (andreas-wenning) wrote :

A better version of the regression fix found after talking to mdeslaur on irc. Here is the version for hardy which has been tested in a chroot.

Only hardy and intrepid are affected by the regression.

Andreas Wenning (andreas-wenning) wrote :

And for intrepid; tested and works.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.15.0-1.1ubuntu0.1

---------------
mediawiki (1:1.15.0-1.1ubuntu0.1) karmic-security; urgency=low

  * SECURITY UPDATE: CSS validation issue allowing external images to be included
    into wikis where that is disallowed by conf. (LP: #537974)
    - debian/patches/CSS-no-CVE_rev-63429.patch
    - patch from upstream SVN rev. 63429
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
 -- Andreas Wenning <email address hidden> Fri, 12 Mar 2010 11:53:47 +0100

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2.1

---------------
mediawiki (1:1.13.3-1ubuntu2.1) jaunty-security; urgency=low

  * SECURITY UPDATE: CSS validation issue allowing external images to be included
    into wikis where that is disallowed by conf. (LP: #537974)
    - debian/patches/CSS-no-CVE_rev-63429.patch
    - patch from upstream SVN rev. 63429
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
 -- Andreas Wenning <email address hidden> Fri, 12 Mar 2010 11:51:52 +0100

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.12.0-2ubuntu0.4

---------------
mediawiki (1:1.12.0-2ubuntu0.4) intrepid-security; urgency=low

  * SECURITY UPDATE: CSS validation issue allowing external images to be included
    into wikis where that is disallowed by conf. (LP: #537974)
    - debian/patches/CSS-no-CVE_rev-63429.patch
    - patch based on upstream SVN rev. 63429
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
  * Fix regression in CVE-2009-0737.patch, where the database-specific options
    will not be shown by default when installing mediawiki. (LP: #539697)
 -- Andreas Wenning <email address hidden> Fri, 12 Mar 2010 11:51:32 +0100

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.4

---------------
mediawiki (1:1.11.2-2ubuntu0.4) hardy-security; urgency=low

  * SECURITY UPDATE: CSS validation issue allowing external images to be included
    into wikis where that is disallowed by conf. (LP: #537974)
    - debian/patches/CSS-no-CVE_rev-63429.patch
    - patch based on upstream SVN rev. 63429
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
  * Fix regression in CVE-2009-0737.patch, where the database-specific options
    will not be shown by default when installing mediawiki. (LP: #539697)
 -- Andreas Wenning <email address hidden> Tue, 16 Mar 2010 18:43:48 +0100

Changed in mediawiki (Ubuntu Hardy):
status: Confirmed → Fix Released
Changed in mediawiki (Ubuntu Intrepid):
status: Confirmed → Fix Released
Changed in mediawiki (Ubuntu Jaunty):
status: Confirmed → Fix Released
Changed in mediawiki (Ubuntu Karmic):
status: Confirmed → Fix Released