Januar 2024 - TOPF - ZaPF-Lists

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Mon Jan 22 04:42:03 2024 Date Range Processed: yesterday ( 2024-Jan-21 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [115:114] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 4 sites probed the server 107.170.254.29 162.243.146.17 66.240.205.34 89.190.156.61 Requests with error response codes 400 Bad Request null: 4 Time(s) *: 2 Time(s) /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 1 Time(s) mstshash=Administr: 1 Time(s) 500 Internal Server Error /: 2 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /actuator/gateway/routes: 1 Time(s) 502 Bad Gateway /-UCiB4o_SaOfdBPLYtK8YA/pdf: 1 Time(s) /YsmARieUTPGHR1-N837aTg/pdf: 1 Time(s) /sq0-cswPQGi9pvVdOpDdOA/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (91.238.181.247): 42 Time(s) root (91.238.181.247): 16 Time(s) unknown (170.64.155.185): 12 Time(s) unknown (172.245.92.206): 11 Time(s) unknown (103.245.237.53): 9 Time(s) unknown (118.126.88.171): 9 Time(s) unknown (129.226.196.222): 9 Time(s) unknown (143.110.227.81): 9 Time(s) unknown (150.109.205.234): 9 Time(s) unknown (156.232.6.238): 9 Time(s) unknown (156.236.66.78): 9 Time(s) unknown (162.241.87.50): 9 Time(s) unknown (185.196.9.139): 9 Time(s) unknown (187.33.60.34): 9 Time(s) unknown (197.248.180.212): 9 Time(s) unknown (211.245.106.55): 9 Time(s) unknown (43.128.104.71): 9 Time(s) unknown (43.153.227.163): 9 Time(s) unknown (43.155.141.65): 9 Time(s) unknown (43.156.127.43): 9 Time(s) unknown (43.156.84.86): 9 Time(s) unknown (45.207.45.194): 9 Time(s) unknown (91.213.99.15): 9 Time(s) unknown (114.219.56.217): 8 Time(s) unknown (124.222.12.147): 8 Time(s) unknown (159.223.239.5): 8 Time(s) unknown (43.138.222.252): 8 Time(s) unknown (62.137.251.23.bc.googleusercontent.com): 8 Time(s) unknown (119.188.168.53): 7 Time(s) unknown (125.124.167.89): 7 Time(s) root (ns397054.ip-94-23-34.eu): 6 Time(s) unknown (1.15.171.183): 6 Time(s) unknown (112.132.249.164): 6 Time(s) unknown (115.159.25.59): 6 Time(s) unknown (124.223.219.43): 6 Time(s) unknown (36.133.64.211): 6 Time(s) unknown (149.167.39.19): 5 Time(s) unknown (212.70.149.150): 5 Time(s) root (183.107.151.167): 4 Time(s) unknown (122.252.225.103): 4 Time(s) unknown (43.128.107.195): 4 Time(s) unknown (43.155.157.138): 4 Time(s) unknown (138.99.6.179): 3 Time(s) unknown (162.62.218.43): 3 Time(s) unknown (180.109.252.41): 3 Time(s) unknown (43.133.60.251): 3 Time(s) unknown (43.134.64.85): 3 Time(s) unknown (43.156.68.36): 3 Time(s) unknown (41.59.82.183): 2 Time(s) bin (170.64.155.185): 1 Time(s) root (170.64.155.185): 1 Time(s) root (212.70.149.150): 1 Time(s) unknown (115.20.185.86): 1 Time(s) unknown (185.196.8.151): 1 Time(s) unknown (211-20-14-156.hinet-ip.hinet.net): 1 Time(s) unknown (216.66.35.177): 1 Time(s) unknown (8.140.53.65): 1 Time(s) Invalid Users: Unknown Account: 371 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 75 Connections 27 Connections lost (inbound) 75 Disconnections 2 Timeouts (inbound) 17 SMTP dialog errors 2 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ **Unmatched Entries** systemd-logind: New seat seat0.: 1 Time(s) ---------------------- Connections (secure-log) End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ SSHD Started: 2 Time(s) Disconnecting after too many authentication failures for user: invalid : 1 Time(s) Failed logins from: 91.238.181.247: 16 times 94.23.34.95 (ns397054.ip-94-23-34.eu): 6 times 170.64.155.185: 2 times 183.107.151.167: 5 times 212.70.149.150: 1 time Illegal users from: undef: 245 times 1.15.171.183: 6 times 8.140.53.65: 1 time 23.251.137.62 (62.137.251.23.bc.googleusercontent.com): 8 times 36.133.64.211: 6 times 41.59.82.183 (183.82-59-41.static-zone.ttcldata.net): 2 times 43.128.104.71: 9 times 43.128.107.195: 4 times 43.133.60.251: 3 times 43.134.64.85: 3 times 43.138.222.252: 8 times 43.153.227.163: 9 times 43.155.141.65: 9 times 43.155.157.138: 4 times 43.156.68.36: 3 times 43.156.84.86: 9 times 43.156.127.43: 9 times 45.207.45.194: 9 times 52.87.199.75 (ec2-52-87-199-75.compute-1.amazonaws.com): 1 time 91.213.99.15: 9 times 91.238.181.247: 42 times 103.245.237.53: 9 times 112.132.249.164 (164.249.132.112.adsl-pool.ah.cnuninet.net): 6 times 114.219.56.217: 8 times 115.20.185.86: 5 times 115.159.25.59: 6 times 118.126.88.171: 9 times 119.188.168.53: 7 times 122.252.225.103: 4 times 124.222.12.147: 8 times 124.223.219.43: 6 times 125.124.167.89: 7 times 129.226.196.222: 9 times 138.99.6.179 (host179.138-99-6.telmex.net.ar): 3 times 143.110.227.81: 9 times 149.167.39.19 (cpe-149-167-39-19.static.belong.com.au): 6 times 150.109.205.234: 9 times 156.232.6.238: 9 times 156.236.66.78: 9 times 159.223.239.5: 8 times 162.62.218.43: 3 times 162.241.87.50 (162-241-87-50.webhostbox.net): 9 times 170.64.155.185: 12 times 172.245.92.206 (172-245-92-206-host.colocrossing.com): 11 times 180.109.252.41: 3 times 185.196.8.151: 1 time 185.196.9.139: 9 times 187.33.60.34 (187.33.60.34.netone.com.br): 9 times 197.248.180.212 (197-248-180-212.safaricombusiness.co.ke): 9 times 211.20.14.156 (211-20-14-156.hinet-ip.hinet.net): 1 time 211.245.106.55: 9 times 212.70.149.150: 5 times 216.66.35.177: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop33632p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

1 Jahr, 9 Monate

1
0
0 / 0

Delivery Status Notification (Failure)

by Mail Delivery Subsystem

** Message not delivered ** There was a problem delivering your message to crewlogs(a)rumjungle.com. See the technical details below. Learn more here: https://support.google.com/a/answer/168383 The response was: Your email to group crewlogs(a)rumjungle.com was rejected due to spam classification. The owner of the group can choose to enable message moderation instead of bouncing these emails. More information can be found here: https://support.google.com/a/answer/168383.

1 Jahr, 9 Monate

1
0
0 / 0

Undelivered Mail Returned to Sender

by MAILER-DAEMON＠zapf.in

This is the mail system at host mail.zapf.in. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <mikawaka227(a)yahoo.co.jp>: host mx2.mail.yahoo.co.jp[202.93.77.239] said: 554 delivery error: dd This user doesn't have a yahoo.co.jp account (mikawaka227(a)yahoo.co.jp) [-5] - mta0104.mail.otm.ynwp.yahoo.co.jp (in reply to end of DATA command)

1 Jahr, 9 Monate

1
0
0 / 0

Logwatch for h2361197.stratoserver.net (Linux)

by root＠zapf.in

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Fri Jan 19 04:42:03 2024 Date Range Processed: yesterday ( 2024-Jan-18 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [110:110] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 141.98.7.179 -> zapf.wiki:443: 3 Time(s) A total of 2 sites probed the server 185.100.87.136 66.240.205.34 Requests with error response codes 400 Bad Request zapf.wiki:443: 3 Time(s) *: 2 Time(s) /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2 ... %2e/.%2e/bin/sh: 2 Time(s) null: 2 Time(s) /: 1 Time(s) /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 1 Time(s) /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%3 ... 5%%32%65/bin/sh: 1 Time(s) mstshash=Administr: 1 Time(s) 403 Forbidden /FrcS3CFURGOhH8IZnOVeEw: 1 Time(s) 500 Internal Server Error /: 11 Time(s) /Public/home/js/check.js: 1 Time(s) /login: 1 Time(s) /robots.txt: 1 Time(s) /static/admin/javascript/hetong.js: 1 Time(s) /version: 1 Time(s) 502 Bad Gateway /CWNtLmX2SLelz0pnhfcNyA/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (59.110.170.68): 20 Time(s) unknown (62.122.184.248): 19 Time(s) unknown (191.9.123.39): 15 Time(s) unknown (103.103.30.17): 12 Time(s) unknown (164.90.161.47): 12 Time(s) unknown (185.126.8.102): 12 Time(s) unknown (27.254.235.2): 12 Time(s) unknown (85.234.116.19): 12 Time(s) unknown (128.199.194.4): 11 Time(s) unknown (43.228.112.254): 10 Time(s) root (62.122.184.248): 9 Time(s) unknown (113.83.130.239): 9 Time(s) unknown (122.155.186.160): 9 Time(s) unknown (129.226.88.9): 9 Time(s) unknown (152.32.240.162): 9 Time(s) unknown (164.90.211.134): 9 Time(s) unknown (176.109.0.30): 9 Time(s) unknown (185.255.91.86): 9 Time(s) unknown (188.166.150.14): 9 Time(s) unknown (188.166.236.23): 9 Time(s) unknown (190.119.66.238): 9 Time(s) unknown (190.249.243.109): 9 Time(s) unknown (43.134.59.61): 9 Time(s) unknown (43.143.177.244): 9 Time(s) unknown (43.153.114.153): 9 Time(s) unknown (43.153.85.172): 9 Time(s) unknown (43.156.68.36): 9 Time(s) unknown (45.165.203.173): 9 Time(s) unknown (82.207.8.194): 9 Time(s) unknown (adsl-130-87-192-81.adsl2.iam.net.ma): 9 Time(s) unknown (137.184.118.88): 8 Time(s) unknown (222.73.56.10): 8 Time(s) unknown (150.242.140.105): 7 Time(s) unknown (162.14.116.233): 7 Time(s) root (116.62.134.75): 6 Time(s) root (159.203.96.83): 6 Time(s) root (182.253.36.38): 6 Time(s) root (222.186.16.207): 6 Time(s) root (ns397054.ip-94-23-34.eu): 6 Time(s) unknown (117.62.216.107): 6 Time(s) unknown (117.68.194.148): 6 Time(s) unknown (124.222.13.109): 6 Time(s) unknown (61.188.205.78): 6 Time(s) unknown (218.157.215.31): 2 Time(s) unknown (ip5f582ed6.dynamic.kabel-deutschland.de): 2 Time(s) daemon (62.122.184.248): 1 Time(s) root (27.254.235.2): 1 Time(s) unknown (101.42.3.219): 1 Time(s) unknown (104.248.234.84): 1 Time(s) unknown (185.196.8.151): 1 Time(s) unknown (ool-6038430a.static.optonline.net): 1 Time(s) Invalid Users: Unknown Account: 348 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 51 Connections 16 Connections lost (inbound) 51 Disconnections ---------------------- Postfix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ **Unmatched Entries** systemd-logind: New seat seat0.: 1 Time(s) ---------------------- Connections (secure-log) End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Network Read Write Errors: 12 SSHD Started: 2 Time(s) Disconnecting after too many authentication failures for user: root : 2 Time(s) Failed logins from: 27.254.235.2: 1 time 59.110.170.68: 20 times 62.122.184.248: 10 times 94.23.34.95 (ns397054.ip-94-23-34.eu): 6 times 116.62.134.75: 6 times 159.203.96.83: 6 times 182.253.36.38: 6 times 222.186.16.207: 6 times Illegal users from: 2001:470:1:332::6 (scan-40af.shadowserver.org): 1 time undef: 284 times 27.254.235.2: 12 times 43.134.59.61: 9 times 43.143.177.244: 9 times 43.153.85.172: 9 times 43.153.114.153: 9 times 43.156.68.36: 9 times 43.228.112.254 (undefined.hostname.localhost): 10 times 45.165.203.173: 9 times 61.188.205.78 (78.205.188.61.broad.nj.sc.dynamic.163data.com.cn): 6 times 62.122.184.248: 19 times 65.49.1.60 (scan-55i.shadowserver.org): 1 time 66.240.192.82: 1 time 81.192.87.130 (adsl-130-87-192-81.adsl2.iam.net.ma): 9 times 82.207.8.194 (194-8-207-82.pool.ukrtel.net): 9 times 85.234.116.19: 12 times 95.88.46.214 (ip5f582ed6.dynamic.kabel-deutschland.de): 2 times 96.56.67.10 (ool-6038430a.static.optonline.net): 1 time 101.42.3.219: 1 time 103.103.30.17: 12 times 104.248.234.84: 1 time 113.83.130.239: 9 times 117.62.216.107: 6 times 117.68.194.148: 6 times 122.155.186.160: 9 times 124.222.13.109: 6 times 128.199.194.4: 11 times 129.226.88.9: 9 times 137.184.118.88: 8 times 150.242.140.105: 7 times 152.32.240.162: 9 times 162.14.116.233: 7 times 164.90.161.47: 12 times 164.90.211.134: 9 times 176.109.0.30: 9 times 185.126.8.102: 12 times 185.196.8.151: 1 time 185.255.91.86 (static.86.91.255.185.clients.irandns.com): 9 times 188.166.150.14: 9 times 188.166.236.23: 9 times 190.119.66.238: 9 times 190.249.243.109 (cable190-249-243-109.epm.net.co): 9 times 191.9.123.39 (191-9-123-39.user.vivozap.com.br): 15 times 218.157.215.31: 2 times 222.73.56.10: 8 times **Unmatched Entries** Disconnecting: Protocol error: expected packet type 21, got 20 [preauth] : 2 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop23956p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################

1 Jahr, 9 Monate

1
0
0 / 0

[AbuseID:D778EE:1B]: AbuseFBLUnitedInternet: Abuse report for unknown domain

by abuse＠hetzner.com

*** Diese E-Mail wurde automatisch generiert. Bitte antworten Sie nicht auf diese E-Mail. *** Sehr geehrte(r) Herr Fabian Freyer, wir haben über einen Feedback Loop (FBL) eine Beschwerde bzgl. einer E-Mail erhalten, die von Ihrer IP-Adresse 94.130.65.175 gesendet wurde. Dies bedeutet, dass der Empfänger diese E-Mail als Spam markiert hat. Wir haben Ihnen die Beschwerde automatisch zur Information weitergeleitet. Sie müssen darauf nicht antworten. Wir erwarten jedoch, dass Sie dies prüfen und eventuelle Probleme beheben. Aufgrund der Funktionsweise von FBLs werden manche E-Mails als "False Positives", also fälschlicherweise als Spam, klassifiziert. In diesem Fall müssen Sie nichts unternehmen. Bitte stellen Sie jedoch sicher, dass der Empfänger dem Erhalt der Nachricht zugestimmt hat (Confirmed Opt-In) und es einen einfachen Weg gibt, um diesem zu widersprechen (Opt-Out/Unsubscribe). Prüfen Sie bitte ebenfalls, ob Sie einen validen PTR (rDNS) Eintrag für diese IP-Adresse haben und setzen Sie eventuell SPF und DKIM ein, falls noch nicht vorhanden. Sollte tatsächlich Spam versendet werden, beheben Sie das zugrunde liegende Problem bitte so schnell wie möglich. Mögliche Gründe können ein gehackter E-Mail-Account, Schadsoftware, offene Proxies, schädliche CMS Add-ons/Plug-ins, etc. sein. Schützen Sie Ihren Server und treffen Sie Vorkehrungen, damit dies nicht erneut passiert. Soll der Server keine E-Mails versenden, ziehen Sie in Betracht, sämtliche Mailserver-Software zu entfernen und/oder die betreffenden Ports zu sperren. Bitte beachten Sie, dass dies nur eine automatisch generierte Nachricht ist, auf die Sie nicht antworten müssen. Mit freundlichen Grüßen Abuse Team Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Tel: +49 9831 505-0 Fax: +49 9831 505-3 www.hetzner.de Registergericht Ansbach, HRB 6089 Geschäftsführer: Martin Hetzner, Stephan Konvickova, Günther Müller Hinweise zur Verarbeitung Ihrer personenbezogenen Daten im Rahmen der Kommunikation mit Ihnen finden Sie unter: www.hetzner.de/datenschutzhinweis > This is an email abuse report for an email message from topf(a)zapf.in on Thu, 18 Jan 2024 14:50:56 GMT > > Feedback-Type: abuse > User-Agent: UI-PORTAL-FBL/0.1 > Version: 0.1 > Original-Mail-From: topf(a)zapf.in > Arrival-Date: Thu, 18 Jan 2024 14:50:56 GMT > Source-Ip: 94.130.65.175

1 Jahr, 9 Monate

1
0
0 / 0

Achtung: Traffic-Report-Limit-Überschreitung

by noreply＠hetzner.com

Sehr geehrter Herr Fabian Freyer, hiermit möchten wir Sie darauf aufmerksam machen, dass die Menge der übertragenen Daten das von Ihnen gesetzte Limit überschritten hat: Monatlich: IP / Subnet Servername Limit (GB) Traffic (GB) 94.130.65.175 20 22,021 Bitte beachten Sie, dass die Zeit in Mitteleuropäischer Zeit (MEZ) +0100 UTC angegeben wird. Sie können den Wert, bei dem Sie diese Warnmeldung erhalten wollen, jederzeit selbst im Robot https://robot.hetzner.com unter dem Menüpunkt "Server; Reiter IPs" ändern. Sie haben mit unserem Traffic-Warnsystem eine gute Möglichkeit, Unregelmäßigkeiten festzustellen. Dieser Wert hat nichts mit Ihrem freien Transfervolumen zu tun! Falls Sie Fragen haben, senden Sie uns bitte eine Supportanfrage aus Ihrer Administrationsoberfläche Robot https://robot.hetzner.com . Bitte loggen Sie sich mit Ihrem Account in den Robot ein und klicken Sie rechts oben auf das Benutzer-Icon und wählen Sie anschließend den Punkt "Support" aus. Dort wählen Sie bitte die "Server" Option unter "Produkt" aus, dann können Sie Ihren Server auswählen. Alternativ können Sie auch eine allgemeine Anfrage senden. Wir werden Ihre Anfrage so schnell wie möglich beantworten. Mit freundlichen Grüßen Ihr Hetzner Online Team Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Tel.: +49 9831 505-0 Fax: +49 9831 505-3 info(a)hetzner.com www.hetzner.com Registergericht Ansbach, HRB 6089 Geschäftsführer: Martin Hetzner, Stephan Konvickova, Günther Müller USt-IdNr. DE812871812 Hinweise zur Verarbeitung Ihrer personenbezogenen Daten im Rahmen der Kommunikation mit Ihnen finden Sie unter: https://www.hetzner.com/de/datenschutzhinweis

1 Jahr, 9 Monate

1
0
0 / 0

Undelivered Mail Returned to Sender

by MAILER-DAEMON＠zapf.in

This is the mail system at host mail.zapf.in. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <rubenr2140(a)gmail.com>: host gmail-smtp-in.l.google.com[142.251.168.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. For more information, go to 550 5.1.1 https://support.google.com/mail/?p=NoSuchUser c5-20020a05600c0a4500b0040e4686a58fsi8869479wmq.76 - gsmtp (in reply to RCPT TO command)

1 Jahr, 9 Monate

1
0
0 / 0

[MediaWiki-announce] MediaWiki Extensions and Skins Security Release Supplement (1.35.14/1.39.6/1.40.2/1.41.0)

by Manfredi Martorana

Greetings- With the security/maintenance release of MediaWiki 1.35.14/1.39.6/1.40.2/1.41.0, we would also like to provide this supplementary announcement of MediaWiki extensions and skins with now-public Phabricator tasks, security patches and backports [1]: PageTriage + (T347704, CVE-2024-23174) - XSS in pagetriage-tags-quickfilter-label PageTriage https://gerrit.wikimedia.org/r/c/mediawiki/extensions/PageTriage/+/989177 Cargo + (T348687, CVE-2024-23173) - Reflected XSS Could Lead to Steal User Cookie https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/965214/ CampaignTools + (T348343, CVE-2024-23171) - Various i18n-based XSSs in Special:EventDetails https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CampaignEvents/+/97... CheckUser + (T347708, CVE-2024-23172) - Several not properly escaped messages in the CheckUser extension https://gerrit.wikimedia.org/r/q/If3ce02cac9c5f2a6f84c42d902b8290eb1fa7250 MassMessage + (T347742, CVE-2024-23176) - MassMessage i18n key massmessage-form-page-help allows i18n-xss https://gerrit.wikimedia.org/r/q/Ife6fb590af53fa0d8eb59201ce88a3c47ddde45c GlobalBlocking + (T347746, CVE-2024-23179) - GlobalBlocking subtitle links have i18n-xss via the parentheses message https://gerrit.wikimedia.org/r/q/Ide490ca62bdb79b80be5e016986c6c96bfa3b4cf https://gerrit.wikimedia.org/r/q/I1cad283235ea974c7d4ffabc49e1ff801dd4d276 WatchAnalytics + (T348979, CVE-2024-23177) - WatchAnalytics: classic XSS on Special:PageStatistics with the 'page' URL parameter https://gerrit.wikimedia.org/r/q/I09f4663c1c619796624b7d296c1351e0245cdaf1 Phonos + (T349312, CVE-2024-23178) - XSS in Phonos via the phonos-purge-needed-error message https://gerrit.wikimedia.org/r/q/I4cbdd3a35ded2385c29983c77f98835fa2ca307c FlexDiagrams + (T353138, CVE-2024-23178) - FlexDiagrams XSS bug https://gerrit.wikimedia.org/r/q/I139e88d8669b14469e359d1d124b2647dde2a7ca The Wikimedia Security Team recommends updating these extensions and/or skins to the current master branch or relevant, supported release branch [2] as soon as possible. Some of the referenced Phabricator tasks above _may_ still be private. Unfortunately, when security issues are reported, sometimes sensitive information is exposed and since Phabricator is historical, we cannot make these tasks public without exposing this sensitive information. If you have any additional questions or concerns regarding this update, please feel free to contact security(a)wikimedia.org or file a security task within Phabricator [3]. [1] https://phabricator.wikimedia.org/T347659 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki.org/wiki/Reporting_security_bugs _______________________________________________ MediaWiki-announce mailing list -- mediawiki-announce(a)lists.wikimedia.org To unsubscribe send an email to mediawiki-announce-leave(a)lists.wikimedia.org

1 Jahr, 9 Monate

1
0
0 / 0

Uncaught bounce notification

by topf＠zapf.in

The attached message was received as a bounce, but either the bounce format was not recognized, or no member addresses could be extracted from it. This mailing list has been configured to send all unrecognized bounce messages to the list administrator(s).

1 Jahr, 9 Monate

1
0
0 / 0

Uncaught bounce notification

by topf＠zapf.in

The attached message was received as a bounce, but either the bounce format was not recognized, or no member addresses could be extracted from it. This mailing list has been configured to send all unrecognized bounce messages to the list administrator(s).

1 Jahr, 9 Monate

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

TOPF Januar 2024