[Git][security-tracker-team/security-tracker][master] first batch of new mediawiki issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Apr 3 08:00:37 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fcc70623 by Moritz Mühlenhoff at 2026-04-03T09:00:12+02:00
first batch of new mediawiki issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2026-34090
+ - mediawiki 1:1.43.8+dfsg-1
+ [trixie] - mediawiki <not-affected> (Vulnerable code not present)
+ [bookworm] - mediawiki <not-affected> (Vulnerable code not present)
+ [bullseye] - mediawiki <not-affected> (Vulnerable code not present)
+ NOTE: https://phabricator.wikimedia.org/T411366
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CheckUser/+/1240641 (master)
+CVE-2026-34091
+ - mediawiki 1:1.43.8+dfsg-1
+ [bookworm] - mediawiki <not-affected> (Introduced in 1.42)
+ [bullseye] - mediawiki <not-affected> (Introduced in 1.42)
+ NOTE: https://phabricator.wikimedia.org/T411305
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1265651 (REL1_43)
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1265637 (master)
+CVE-2026-34092
+ - mediawiki 1:1.43.8+dfsg-1
+ NOTE: https://phabricator.wikimedia.org/T384147
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1265652 (REL1_43)
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1265638 (master)
+CVE-2026-34088
+ - mediawiki 1:1.43.8+dfsg-1
+ NOTE: https://phabricator.wikimedia.org/T410429
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1265670 (REL1_43)
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1265640 (master)
CVE-2026-35535 [exec_mailer: Set group as well as uid when running the mailer]
- sudo <unfixed> (bug #1130593)
[trixie] - sudo <no-dsa> (Minor issue, can be fixed in a point release)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcc706230929c7cb281f659df77c9746a2608883
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcc706230929c7cb281f659df77c9746a2608883
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260403/e131abd1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list