[Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jul 3 19:15:54 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e5c2cc34 by Moritz Mühlenhoff at 2025-07-03T20:15:23+02:00
mediawiki DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -25242,7 +25242,6 @@ CVE-2025-32073 (Improper Input Validation vulnerability in The Wikimedia Foundat
NOT-FOR-US: HTMLTags MediaWiki extension
CVE-2025-32072 (Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...)
- mediawiki 1:1.43.1+dfsg-2
- [bookworm] - mediawiki <postponed> (Fix along in next DSA)
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1120134
NOTE: https://phabricator.wikimedia.org/T386175
CVE-2025-32071 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[03 Jul 2025] DSA-5957-1 mediawiki - security update
+ {CVE-2025-6590 CVE-2025-6591 CVE-2025-6593 CVE-2025-6594 CVE-2025-6595 CVE-2025-6597 CVE-2025-6926 CVE-2025-32072}
+ [bookworm] - mediawiki 1:1.39.13-1~deb12u1
[03 Jul 2025] DSA-5956-1 ring - security update
{CVE-2023-27585}
[bookworm] - ring 20230206.0~ds2-1.1+deb12u1
=====================================
data/dsa-needed.txt
=====================================
@@ -33,8 +33,6 @@ linux (carnil)
Wait until more issues have piled up, though try to regulary rebase for point
releases to more 6.1.y versions
--
-mediawiki (jmm)
---
netty
--
nodejs
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5c2cc3493aeff526ecbacd3b5263e66ec3a5cf3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5c2cc3493aeff526ecbacd3b5263e66ec3a5cf3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250703/c3659bf2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list