[Bug 1955352] Re: Vulnerable to information disclosure through various actions
Ubuntu Foundations Team Bug Bot
1955352 at bugs.launchpad.net
Mon Dec 20 00:27:39 UTC 2021
The attachment "impish.debdiff" seems to be a debdiff. The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff. If the attachment isn't a
patch, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe
the team.
[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issue please contact him.]
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1955352
Title:
Vulnerable to information disclosure through various actions
Status in mediawiki package in Ubuntu:
New
Bug description:
The versions of MediaWiki in supported Ubuntu releases are vulnerable
to CVE-2021-44857, CVE-2021-44858, and CVE-2021-45038.
See <https://www.mediawiki.org/wiki/2021-12_security_release/FAQ> for
more details.
I will upload some debdiffs with patches shortly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mediawiki/+bug/1955352/+subscriptions
More information about the Ubuntu-sponsors
mailing list