MediaWiki: Multiple vulnerabilities

MediaWiki: Multiple vulnerabilities Multiple vulnerabilities have been found in MediaWiki, the worst of which may allow remote attackers to cause a Denial of Service. mediawiki 2015-10-31 2015-10-31 545944 557844 remote 1.25.2 1.24.3 1.23.10 1.25.2

MediaWiki is a collaborative editing software used by large projects such as Wikipedia.

Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details.

A remote attacker may be able to create a Denial of Service condition, obtain sensitive information, bypass security restrictions, and inject arbitrary web script or HTML.

There is no known workaround at this time.

All MediaWiki 1.25 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.25.2"

All MediaWiki 1.24 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.24.3"

All MediaWiki 1.23 users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.23.10"

CVE-2015-2931 CVE-2015-2932 CVE-2015-2933 CVE-2015-2934 CVE-2015-2935 CVE-2015-2936 CVE-2015-2937 CVE-2015-2938 CVE-2015-2939 CVE-2015-2940 CVE-2015-2941 CVE-2015-2942 CVE-2015-6728 CVE-2015-6729 CVE-2015-6730 CVE-2015-6731 CVE-2015-6732 CVE-2015-6733 CVE-2015-6734 CVE-2015-6735 CVE-2015-6736 CVE-2015-6737 BlueKnight ackle