[CVE-2010-1190] Data leakage vulnerability in thumb.php

Bug #603740 reported by Andreas Wenning
Affects                Status        Importance  Assigned to  Milestone
mediawiki (Debian)     Fix Released  Undecided   Unassigned
mediawiki (Ubuntu)     Fix Released  Undecided   Unassigned
  Hardy                Fix Released  Undecided   Unassigned
  Jaunty               Fix Released  Undecided   Unassigned
  Karmic               Fix Released  Undecided   Unassigned

Bug Description

Binary package hint: mediawiki

http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html

From upstream announcement:
A data leakage vulnerability was discovered in thumb.php which affects
wikis which restrict access to private files using img_auth.php, or
some similar scheme. All versions of MediaWiki since 1.5 are affected.

Lucid and onward fixed in 1:1.15.1-1ubuntu1

visibility: private → public
Changed in mediawiki (Ubuntu):
status: New → Fix Released
Jonathan Wiltshire (jwiltshire) wrote :

As far as Karmic goes, the best thing might be to upload 1:1.15.3 or .4 since these are upstream's stable series anyway and include other security fixes.

Changed in mediawiki (Debian):
status: New → Fix Released
Andreas Wenning (andreas-wenning) wrote :

Already prepared debdiffs for hardy, jaunty and karmic fixing this. All have been tested in chroots to verify the fix.
First follows for karmic.

Andreas Wenning (andreas-wenning) wrote :

For jaunty.

Andreas Wenning (andreas-wenning) wrote :
Andreas Wenning (andreas-wenning) wrote :

And lastly for hardy.

Changed in mediawiki (Ubuntu Karmic):
status: New → Confirmed
Changed in mediawiki (Ubuntu Hardy):
status: New → Confirmed
Changed in mediawiki (Ubuntu Jaunty):
status: New → Confirmed
Marc Deslauriers (mdeslaur) wrote :

Thanks for the debdiffs Andreas.

ACK to all three. Packages are building now and will be released soon.

Changed in mediawiki (Ubuntu Hardy):
status: Confirmed → Fix Committed
Changed in mediawiki (Ubuntu Karmic):
status: Confirmed → Fix Committed
Changed in mediawiki (Ubuntu Jaunty):
status: Confirmed → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.15.0-1.1ubuntu0.4

---------------
mediawiki (1:1.15.0-1.1ubuntu0.4) karmic-security; urgency=low

  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - CVE-2010-1190
    - debian/patches/DataLeakage-CVE-2010-1190.patch
    - patch from upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
    - LP: #603740
 -- Andreas Wenning <email address hidden> Fri, 09 Jul 2010 22:23:06 +0200

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.13.3-1ubuntu2.4

---------------
mediawiki (1:1.13.3-1ubuntu2.4) jaunty-security; urgency=low

  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - CVE-2010-1190
    - debian/patches/DataLeakage-CVE-2010-1190.patch
    - patch from upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
    - LP: #603740
 -- Andreas Wenning <email address hidden> Fri, 09 Jul 2010 22:26:21 +0200

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.11.2-2ubuntu0.7

---------------
mediawiki (1:1.11.2-2ubuntu0.7) hardy-security; urgency=low

  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - CVE-2010-1190
    - debian/patches/DataLeakage-CVE-2010-1190.patch
    - patch based on upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
    - LP: #603740
 -- Andreas Wenning <email address hidden> Fri, 09 Jul 2010 22:38:34 +0200

Changed in mediawiki (Ubuntu Hardy):
status: Fix Committed → Fix Released
Changed in mediawiki (Ubuntu Jaunty):
status: Fix Committed → Fix Released
Changed in mediawiki (Ubuntu Karmic):
status: Fix Committed → Fix Released
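The practical question for an administrator reading this bug is whether the mediawiki package on a given host is at or past the fixed version. The following is an added example, not part of the bug report, the Ubuntu packaging or MediaWiki itself: it reimplements dpkg's version ordering (epoch, upstream version, Debian revision, with `~` sorting before everything) so the comparison can be run without dpkg present, and checks a version string against the fixed versions quoted above (the three changelog entries and the "Lucid and onward" note in the description). The release names used as keys, the `dpkg-query` invocation and the command-line interface are assumptions of this example.

```python
"""Version check for CVE-2010-1190 on Debian/Ubuntu mediawiki packages.

Reimplements dpkg's version ordering so the check runs anywhere; the fixed
versions are the ones quoted in the bug, the release names are this
example's own choice.
"""

import subprocess

# Fixed package versions quoted in the bug: the three Janitor changelog
# entries plus the "Lucid and onward" note in the description.
FIXED_VERSIONS = {
    "hardy": "1:1.11.2-2ubuntu0.7",
    "jaunty": "1:1.13.3-1ubuntu2.4",
    "karmic": "1:1.15.0-1.1ubuntu0.4",
    "lucid": "1:1.15.1-1ubuntu1",
}

DIGITS = "0123456789"
LETTERS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"


def _char(s, i):
    """Character at index i, or '' past the end (dpkg's NUL terminator)."""
    return s[i] if i < len(s) else ""


def _is_digit(c):
    return c != "" and c in DIGITS


def _order(c):
    """Sort weight of one non-digit character, as dpkg's order(): end of
    string weighs 0, '~' sorts before everything (even end of string),
    letters sort by ASCII, other punctuation after all letters."""
    if c == "" or c in DIGITS:
        return 0
    if c in LETTERS:
        return ord(c)
    if c == "~":
        return -1
    return ord(c) + 256


def _verrevcmp(a, b):
    """dpkg's verrevcmp(): alternate non-digit runs (compared by _order)
    and numeric runs (compared numerically, leading zeros ignored)."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (_char(a, i) != "" and not _is_digit(_char(a, i))) or \
              (_char(b, j) != "" and not _is_digit(_char(b, j))):
            ac, bc = _order(_char(a, i)), _order(_char(b, j))
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while _char(a, i) == "0":
            i += 1
        while _char(b, j) == "0":
            j += 1
        while _is_digit(_char(a, i)) and _is_digit(_char(b, j)):
            if first_diff == 0:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if _is_digit(_char(a, i)):
            return 1          # a has more significant digits left
        if _is_digit(_char(b, j)):
            return -1
        if first_diff:
            return first_diff
    return 0


def split_version(version):
    """Split 'epoch:upstream-revision': epoch defaults to 0, the revision is
    everything after the last hyphen ('' when absent, which dpkg treats as
    equal to '0')."""
    epoch, rest = 0, version.strip()
    if ":" in rest:
        e, rest = rest.split(":", 1)
        epoch = int(e)
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as dpkg --compare-versions would order a and b."""
    ea, ua, ra = split_version(a)
    eb, ub, rb = split_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        c = _verrevcmp(x, y)
        if c != 0:
            return -1 if c < 0 else 1
    return 0


def is_fixed(installed, release):
    """True when the installed version is at or past the fix for release."""
    if release not in FIXED_VERSIONS:
        raise ValueError("no fixed version known for release %r" % release)
    return compare_versions(installed, FIXED_VERSIONS[release]) >= 0


def installed_version(package="mediawiki"):
    """Installed version via dpkg-query; None if dpkg or the package is absent."""
    try:
        out = subprocess.run(["dpkg-query", "-W", "-f=${Version}", package],
                             capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return None
    return out.stdout.strip() or None


if __name__ == "__main__":
    import sys
    release = sys.argv[1] if len(sys.argv) > 1 else "karmic"
    version = sys.argv[2] if len(sys.argv) > 2 else installed_version()
    if version is None:
        sys.exit("mediawiki package not found; usage: <release> <version>")
    verdict = "fixed" if is_fixed(version, release) else "VULNERABLE"
    print("mediawiki %s on %s: %s (fixed in %s)"
          % (version, release, verdict, FIXED_VERSIONS[release]))
```

This is a package-version check only: a MediaWiki installed from an upstream tarball, or a vendored copy patched by hand, is not covered by it, and the advisory quoted in the description notes that only wikis restricting private files through img_auth.php or a similar scheme are exposed in the first place. The `~` handling matters in practice because pre-release versions such as `1.15.1~rc1` must sort below `1.15.1`.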