[Git][security-tracker-team/security-tracker][master] update two mediawiki entries, thanks to Guilhem
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jul 4 14:28:54 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f771a8d3 by Moritz Muehlenhoff at 2025-07-04T15:28:26+02:00
update two mediawiki entries, thanks to Guilhem
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25767,8 +25767,8 @@ CVE-2023-43035 (IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web p
CVE-2023-42007 (IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to c ...)
NOT-FOR-US: IBM
CVE-2025-32700 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- {DSA-5901-1}
- mediawiki 1:1.43.1+dfsg-1
+ [bookworm] - mediawiki <not-affected> (Vulnerable code introduced later)
[bullseye] - mediawiki <not-affected> (Vulnerable code introduced later)
NOTE: https://phabricator.wikimedia.org/T389235
NOTE: Introduced by https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1026560 (REL1_43)
@@ -25785,8 +25785,8 @@ CVE-2025-32698 (Exposure of Sensitive Information to an Unauthorized Actor vulne
NOTE: https://phabricator.wikimedia.org/T385958
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1135793
CVE-2025-32697 (Improper Preservation of Permissions vulnerability in Wikimedia Founda ...)
- {DSA-5901-1}
- mediawiki 1:1.43.1+dfsg-1
+ [bookworm] - mediawiki <ignored> (Minor issue, too intrusive to backport and also not fixed in 1.39.x upstream)
NOTE: https://phabricator.wikimedia.org/T140010
NOTE: https://phabricator.wikimedia.org/T62109
NOTE: https://phabricator.wikimedia.org/T24521
=====================================
data/DSA/list
=====================================
@@ -173,7 +173,7 @@
{CVE-2024-56406}
[bookworm] - perl 5.36.0-7+deb12u2
[13 Apr 2025] DSA-5901-1 mediawiki - security update
- {CVE-2025-3469 CVE-2025-32696 CVE-2025-32697 CVE-2025-32698 CVE-2025-32699 CVE-2025-32700}
+ {CVE-2025-3469 CVE-2025-32696 CVE-2025-32698 CVE-2025-32699}
[bookworm] - mediawiki 1:1.39.12-1~deb12u1
[12 Apr 2025] DSA-5900-1 linux - security update
{CVE-2023-52857 CVE-2023-52927 CVE-2024-24855 CVE-2024-26656 CVE-2024-26767 CVE-2024-26982 CVE-2024-27056 CVE-2024-35866 CVE-2024-38611 CVE-2024-40973 CVE-2024-42129 CVE-2024-43831 CVE-2024-46772 CVE-2024-47753 CVE-2024-47754 CVE-2024-50056 CVE-2024-50246 CVE-2024-53166 CVE-2024-57977 CVE-2024-58002 CVE-2024-58005 CVE-2024-58079 CVE-2024-58090 CVE-2025-21702 CVE-2025-21712 CVE-2025-21721 CVE-2025-21756 CVE-2025-21838 CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21855 CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21864 CVE-2025-21865 CVE-2025-21866 CVE-2025-21867 CVE-2025-21871 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878 CVE-2025-21881 CVE-2025-21887 CVE-2025-21891 CVE-2025-21898 CVE-2025-21899 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909 CVE-2025-21910 CVE-2025-21912 CVE-2025-21913 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917 CVE-2025-21918 CVE-2025-21919 CVE-2025-21920 CVE-2025-21922 CVE-2025-21924 CVE-2025-21925 CVE-2025-21926 CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21936 CVE-2025-21937 CVE-2025-21938 CVE-2025-21941 CVE-2025-21943 CVE-2025-21944 CVE-2025-21945 CVE-2025-21947 CVE-2025-21948 CVE-2025-21950 CVE-2025-21951 CVE-2025-21956 CVE-2025-21957 CVE-2025-21959 CVE-2025-21960 CVE-2025-21962 CVE-2025-21963 CVE-2025-21964 CVE-2025-21968 CVE-2025-21970 CVE-2025-21971 CVE-2025-21975 CVE-2025-21978 CVE-2025-21979 CVE-2025-21980 CVE-2025-21981 CVE-2025-21986 CVE-2025-21991 CVE-2025-21992 CVE-2025-21993 CVE-2025-21994 CVE-2025-21996 CVE-2025-21997 CVE-2025-21999 CVE-2025-22004 CVE-2025-22005 CVE-2025-22007 CVE-2025-22008 CVE-2025-22010 CVE-2025-22014 CVE-2025-22015}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f771a8d3d320f8875c39594e5f3670a7fe5b501c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f771a8d3d320f8875c39594e5f3670a7fe5b501c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250704/fac37aa9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list