[Git][security-tracker-team/security-tracker][master] new mediawiki issue

Wed, 30 Mar 2022 01:37:19 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3b6c7fd1 by Moritz Muehlenhoff at 2022-03-30T10:36:44+02:00
new mediawiki issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,21 +19,24 @@ CVE-2022-28211
 CVE-2022-28210
        RESERVED
 CVE-2022-28209 (An issue was discovered in Mediawiki through 1.37.1. The check 
for the ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki AntiSpoof extension
 CVE-2022-28208
        RESERVED
 CVE-2022-28207
        RESERVED
 CVE-2022-28206 (An issue was discovered in MediaWiki through 1.37.1. 
ImportPlanValidat ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki FileImporter extension
 CVE-2022-28205 (An issue was discovered in MediaWiki through 1.37.1. The 
CentralAuth e ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki CentralAuth extension
 CVE-2022-28204
        RESERVED
 CVE-2022-28203
        RESERVED
 CVE-2022-28202 (An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x 
before  ...)
-       TODO: check
+       - mediawiki <unfixed>
+       [bullseye] - mediawiki <postponed> (Fix along in next security release)
+       [buster] - mediawiki <postponed> (Fix along in next security release)
+       NOTE: https://phabricator.wikimedia.org/T297543
 CVE-2022-28201
        RESERVED
 CVE-2022-28200
@@ -97,7 +100,7 @@ CVE-2022-28172
 CVE-2022-28171
        RESERVED
 CVE-2022-1163 (Cross-site Scripting (XSS) - Stored in GitHub repository 
mineweb/minew ...)
-       TODO: check
+       NOT-FOR-US: minewebcms
 CVE-2022-1162
        RESERVED
 CVE-2022-1161
@@ -263,7 +266,7 @@ CVE-2022-1124
 CVE-2022-1123
        RESERVED
 CVE-2021-46743 (In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue 
(e.g.,  ...)
-       TODO: check
+       NOT-FOR-US: Firebase PHP-JWT
 CVE-2020-36521
        RESERVED
 CVE-2022-28128



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b6c7fd1697e5140a05994a419a5a4c0fbe8deb5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b6c7fd1697e5140a05994a419a5a4c0fbe8deb5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to