svn commit: r505874 - head/security/vuxml

Wen Heping wen at FreeBSD.org
Fri Jul 5 00:44:50 UTC 2019


Author: wen
Date: Fri Jul  5 00:44:48 2019
New Revision: 505874
URL: https://svnweb.freebsd.org/changeset/ports/505874

Log:
  - Document mediawiki multiple vulnerabilities

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Fri Jul  5 00:28:50 2019	(r505873)
+++ head/security/vuxml/vuln.xml	Fri Jul  5 00:44:48 2019	(r505874)
@@ -58,6 +58,62 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="3c5a4fe0-9ebb-11e9-9169-fcaa147e860e">
+    <topic>mediawiki -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>mediawiki131</name>
+	<range><lt>1.31.3</lt></range>
+      </package>
+      <package>
+	<name>mediawiki132</name>
+	<range><lt>1.32.3</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Mediawiki reports:</p>
+	<blockquote cite="https://lists.wikimedia.org/pipermail/mediawiki-announce/2019-June/000230.html">
+	  <p>Security fixes:
+	    T197279, CVE-2019-12468: Directly POSTing to Special:ChangeEmail would allow
+	    for bypassing reauthentication, allowing for potential account takeover.
+	    T204729, CVE-2019-12473: Passing invalid titles to the API could cause a DoS
+	    by querying the entire `watchlist` table.
+	    T207603, CVE-2019-12471: Loading user JavaScript from a non-existent account
+	    allows anyone to create the account, and XSS the users' loading that script.
+	    T208881: blacklist CSS var().
+	    T199540, CVE-2019-12472: It is possible to bypass the limits on IP range
+	    blocks (`$wgBlockCIDRLimit`) by using the API.
+	    T212118, CVE-2019-12474: Privileged API responses that include whether a
+	    recent change has been patrolled may be cached publicly.
+	    T209794, CVE-2019-12467: A spammer can use Special:ChangeEmail to send out
+	    spam with no rate limiting or ability to block them.
+	    T25227, CVE-2019-12466: An account can be logged out without using a token(CRRF)
+	    T222036, CVE-2019-12469: Exposed suppressed username or log in Special:EditTags.
+	    T222038, CVE-2019-12470: Exposed suppressed log in RevisionDelete page.
+	    T221739, CVE-2019-11358: Fix potential XSS in jQuery.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2019-11358</cvename>
+      <cvename>CVE-2019-12466</cvename>
+      <cvename>CVE-2019-12467</cvename>
+      <cvename>CVE-2019-12468</cvename>
+      <cvename>CVE-2019-12469</cvename>
+      <cvename>CVE-2019-12470</cvename>
+      <cvename>CVE-2019-12471</cvename>
+      <cvename>CVE-2019-12472</cvename>
+      <cvename>CVE-2019-12473</cvename>
+      <cvename>CVE-2019-12474</cvename>
+      <url>https://lists.wikimedia.org/pipermail/mediawiki-announce/2019-June/000230.html</url>
+    </references>
+    <dates>
+      <discovery>2019-04-23</discovery>
+      <entry>2019-07-05</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="b79ec16b-9da7-11e9-a0ea-a92fe7db4867">
     <topic>ettercap -- out-of-bound read vulnerability</topic>
     <affects>
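Review bot: the description squeezes all eleven advisory items (T197279 through T221739) into one `<p>` inside the `<blockquote>`, so the entry renders as a single run-on paragraph in which the CVE boundaries are hard to see. The body is XHTML, so keep "Security fixes:" as a short introductory `<p>` and give each item its own `<li>` in a `<ul>`, e.g. `<ul>` / `<li>T197279, CVE-2019-12468: Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover.</li>` / `</ul>`. While restructuring, correct the quoted "token(CRRF)" on the CVE-2019-12466 item: the issue is logout without a CSRF token, so it should read "token (CSRF)". Finally, check the `<lt>1.31.3</lt>` and `<lt>1.32.3</lt>` bounds against the fixed versions named in the linked mediawiki-announce post before committing; an off-by-one release there either flags patched installs or misses vulnerable ones.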

