CVE-2022-28205 log

Source
Severity Critical
Remote Unknown
Type Unknown
Description
An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future.
Group Package Affected Fixed Severity Status Ticket
AVG-2676 mediawiki 1.37.1-1 1.37.2-1 Critical Not affected
References
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/765335
https://phabricator.wikimedia.org/T302248
Notes
pkgbuild does not build affected extension