[SECURITY] Fedora Extras Update: mediawiki-1.8.3-7 [FE 5 6 devel]

Axel Thimm Axel.Thimm at ATrpms.net
Wed Jan 10 09:24:15 UTC 2007


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-EXTRAS-2007-005
---------------------------------------------------------------------
Product:    Fedora Extras [5 6 devel]
Name:       mediawiki
Version:    1.8.3
Release:    7
Summary:    The PHP-based wiki software behind Wikipedia
Description:
MediaWiki is the software used for Wikipedia (http://www.wikipedia.org) and
the other Wikimedia Foundation websites. Compared to other wikis, it has a
wide range of features and support for high-traffic websites using
multiple servers.

---------------------------------------------------------------------
Update Information:

An XSS injection vulnerability was located in the AJAX support module,
affecting MediaWiki 1.6.x and up when the optional setting $wgUseAjax
is enabled.

There is no danger in the default configuration, with $wgUseAjax off.

* Tue Jan  9 2007 Axel Thimm <Axel.Thimm at ATrpms.net> - 1.8.3-7
- Update to 1.8.3.
- Update fixes an XSS injection vulnerability in the AJAX module.

---------------------------------------------------------------------
This update can be installed with the 'yum' update program.  Use 'yum
update package-name' at the command line.  For more information, refer to
'Managing Software with yum,' available at
http://fedora.redhat.com/docs/yum/




More information about the package-announce mailing list