ALT Linux Bugzilla – Full Text Bug Listing
| Summary: | Прошу собрать с PHP 8.2 | ||
|---|---|---|---|
| Product: | Sisyphus | Reporter: | Andrey Cherepanov <cas> |
| Component: | mediawiki-apache2 | Assignee: | Vitaly Lipatov <lav> |
| Status: | CLOSED FIXED | QA Contact: | qa-sisyphus |
| Severity: | normal | ||
| Priority: | P5 | CC: | lav |
| Version: | unstable | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
|
Description
Andrey Cherepanov
2023-10-16 18:50:49 MSK
mediawiki-1.40.1-alt1 -> sisyphus: Mon Oct 16 2023 Vitaly Lipatov <lav@altlinux.ru> 1.40.1-alt1 - new version 1.40.1 (with rpmrb script) - build with php8.2 by default (ALT bug 48033) - (T333050, CVE-2023-45363) SECURITY: Fix infinite loop for self-redirects with variants conversion. - (T340217, CVE-2023-45359) SECURITY: Vector 2022: Numerous unescaped messages leading to potential XSS. - (T340220, CVE-2023-45361) SECURITY: Vector 2022: vector-intro-page message is assumed to yield a valid title. - (T340221, CVE-2023-45360) SECURITY: XSS via 'youhavenewmessagesmanyusers' and 'youhavenewmessages' messages. - (T341529, CVE-2023-45362) SECURITY: diff-multi-sameuser ("X intermediate revisions by the same user not shown") ignores username suppression. - (T341565, CVE-2023-3550) SECURITY: Stored XSS when uploading crafted XML file to Special:Upload (non standard configuration). |
