[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend mediawiki rule
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Feb 9 15:33:56 GMT 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
17993403 by Moritz Muehlenhoff at 2026-02-09T16:33:30+01:00
auto-nfu: Extend mediawiki rule
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -2476,11 +2476,11 @@ CVE-2025-69207 (Khoj is a self-hostable artificial intelligence app. Prior to 2.
CVE-2025-66480 (Wildfire IM is an instant messaging and real-time audio/video solution ...)
NOT-FOR-US: Wildfire IM
CVE-2025-61650 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
CVE-2025-61649 (Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
CVE-2025-61647 (Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is ...)
- TODO: check
+ NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
CVE-2025-61644 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-58383 (A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could all ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -661,6 +661,7 @@
allOf:
- cna: wikimedia-foundation
- anyOf:
+ - product: CheckUser
- product: MediaWiki CookieConsent extension
- product: MediaWiki GlobalBlocking extension
- product: MediaWiki PageForms extension
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1799340399f9ce8625c284ea57602676c88cbd86
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1799340399f9ce8625c284ea57602676c88cbd86
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260209/7221082c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list