[SECURITY] Fedora 18 Update: dokuwiki-0-0.14.20121013.fc18
updates at fedoraproject.org
updates at fedoraproject.org
Wed Oct 24 16:37:25 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-16550
2012-10-21 05:52:19
--------------------------------------------------------------------------------
Name : dokuwiki
Product : Fedora 18
Version : 0
Release : 0.14.20121013.fc18
URL : http://www.dokuwiki.org/dokuwiki
Summary : Standards compliant simple to use wiki
Description :
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating
documentation of any kind. It has a simple but powerful syntax which makes sure
the datafiles remain readable outside the Wiki and eases the creation of
structured texts.
All data is stored in plain text files no database is required.
--------------------------------------------------------------------------------
Update Information:
upgrade to latest upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741384 - CVE-2011-3727 dokuwiki: installation path disclosure via a direct request to a .php file
https://bugzilla.redhat.com/show_bug.cgi?id=741384
[ 2 ] Bug #840686 - CVE-2012-0283 dokuwiki: XSS flaw in tpl_mediaFileList()
https://bugzilla.redhat.com/show_bug.cgi?id=840686
[ 3 ] Bug #835145 - CVE-2012-3354 dokuwiki: Full path disclosure with PHP error level enabled
https://bugzilla.redhat.com/show_bug.cgi?id=835145
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dokuwiki' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list