MediaWiki Multiple Vulnerabilities Fixed by 1.26.1, 1.25.4, 1.24.5 and 1.23.12
Description
Several vulnerabilities have been identified in MediaWiki:
- CVE-2015-8622: cross-site scripting within wikitext when the variable "wgArticlePath" is set to $1.
- CVE-2015-8623: timing attack due to the token comparison type within "User::matchEditToken".
- CVE-2015-8624: timing attack due to the token comparison type within "User::matchEditToken".
- CVE-2015-8625: arbitrary file upload when the curl library is passed a variable starting with '@'.
- CVE-2015-8626: security bypass due to weak password generation via the "User::randomPassword()" function.
- CVE-2015-8627: denial of service due to the blocking of certain IP ranges when padding has to be used.
- CVE-2015-8628: information leak during a series of redirections from the Special:MyPage page, allowing a user login to be revealed.

The mediawiki packages provided for Debian Squeeze 6, Wheezy 7 and Jessie 8 are vulnerable.

Updated, 06/06/2016:
Contrary to the statement above, the mediawiki packages provided by Debian Jessie 8 are not vulnerable.