During the month of December 2025 and on behalf of Freexian, I worked on the following:
libgd2
------

Uploaded 2.3.0-2+deb11u1 and issued DLA-4411-1.
https://lists.debian.org/msgid-search/[email protected]

  * CVE-2021-40145: Double free in gdImageGd2Ptr().
  * CVE-2021-38115: Out-of-bounds read via crafted TGA file.
  * CVE-2021-40812: Out-of-bounds read via crafted BMP or WebP files.

roundcube
---------

Uploaded 1.4.15+dfsg.1-1+deb11u6 and issued DLA-4415-1.
https://lists.debian.org/msgid-search/[email protected]

  * CVE-2025-68460: Information disclosure vulnerability in the HTML style sanitizer.
  * CVE-2025-68461: Cross-Site-Scripting (XSS) vulnerability via SVG's <animate> tag.

Uploaded 1.3.17+dfsg.1-1~deb10u9 (buster) and issued ELA-1598-1.
https://www.freexian.com/lts/extended/updates/ela-1598-1-roundcube/

python-urllib3
--------------

Uploaded 1.26.5-1~exp1+deb11u2 and issued DLA-4421-1.
https://lists.debian.org/msgid-search/[email protected]

  * CVE-2025-50181: Redirects were not disabled when retries are disabled on PoolManager instantiation.
  * CVE-2025-66418: Unbounded number of links in the decompression chain.

Uploaded 1.24.1-1+deb10u4 (buster) and 1.19.1-1+deb9u4 (stretch), and issued ELA-1601-1.
https://www.freexian.com/lts/extended/updates/ela-1601-1-python-urllib3/

mediawiki
---------

Uploaded 1:1.35.13-1+deb11u6 and issued DLA-4428-1.
https://lists.debian.org/msgid-search/[email protected]

  * CVE-2025-67475: Square brackets in autocomment links were not always escaped.
  * CVE-2025-67478: Commas not separating values in RFC 2822 style headers were not escaped.
  * CVE-2025-67479: Underscore and wide underscore were not always sanitized in `data-*` attribute names.
  * CVE-2025-67480: ApiQueryRevisionsBase did not check for read permissions for the target page.
  * CVE-2025-67481: Insufficient `style` attribute sanitation in client-side messages (jqueryMsg).
  * CVE-2025-67482 (Scribunto extension): Segfault in unpack() with large integers.
  * CVE-2025-67484: XSS vulnerability via xslt option for users with the "editinterface" permission.
Thanks to the sponsors for financing the above, and to Freexian for coordinating! -- Guilhem.