GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Jan 09, 2013 5:26 am Post subject: [ GLSA 201301-07 ] DokuWiki: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: DokuWiki: Multiple vulnerabilities (GLSA 201301-07)
Severity: normal
Exploitable: remote
Date: January 09, 2013
Bug(s): #301310, #386155, #412891, #427232
ID: 201301-07
Synopsis
Multiple vulnerabilities were found in DokuWiki, the worst of which
leading to privilege escalation.
Background
DokuWiki is a simple to use Wiki aimed at a small company’s
documentation needs.
Affected Packages
Package: www-apps/dokuwiki
Vulnerable: < 20121013
Unaffected: >= 20121013
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in DokuWiki. Please review
the CVE identifiers referenced below for details.
Impact
The vulnerabilities might allow an attacker to disclose local files, to
inject arbitrary web script, or to gain elevated privileges in the
DokuWiki application.
Workaround
There is no known workaround at this time.
Resolution
All DokuWiki users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/dokuwiki-20121013"
|
References
CVE-2010-0287
CVE-2010-0288
CVE-2010-0289
CVE-2011-2510
CVE-2011-3727
CVE-2012-0283 |
|
News & Announcements
