Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 04636165 by Moritz Muehlenhoff at 2025-07-02T14:26:34+02:00 new mediawiki issues - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,71 @@ +CVE-2025-6927 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T397595 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165118 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165119 (master) +CVE-2025-6926 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T389010 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/1165164 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165090 (REL1_39) +CVE-2025-6597 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T389009 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165116 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165088 (REL1_39) +CVE-2025-6596 + - mediawiki 1:1.43.3+dfsg-1 + [bookworm] - mediawiki <not-affected> (Introduced in 1.40) + [bullseye] - mediawiki <not-affected> (Introduced in 1.40) + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T396685 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/skins/Vector/+/1165107 (master) +CVE-2025-6595 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T394863 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MultimediaViewer/+/1165106 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MultimediaViewer/+/1165144 (REL1_39) +CVE-2025-6594 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T395063 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165115 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165087 (REL1_39) +CVE-2025-6593 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T396230 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165114 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165086 (REL1_39) +CVE-2025-6592 + - mediawiki 1:1.43.3+dfsg-1 + [bookworm] - mediawiki <not-affected> (Only affects 1.44 and later) + [bullseye] - mediawiki <not-affected> (Only affects 1.44 and later) + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T391218 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1143146 (master) +CVE-2025-6591 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T392276 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165113 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165085 (REL1_39) +CVE-2025-6590 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T392746 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165112 (master) + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165084 (REL1_39) +CVE-2025-6589 + - mediawiki 1:1.43.3+dfsg-1 + NOTE: https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TT45WDZ7MDTXXBEFLBMLAJI532O2PN2U/ + NOTE: https://phabricator.wikimedia.org/T391343 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165111 (master) CVE-2025-6687 (The Magic Buttons for Elementor plugin for WordPress is vulnerable to ...) NOT-FOR-US: WordPress plugin CVE-2025-6686 (The Magic Buttons for Elementor plugin for WordPress is vulnerable to ...) ===================================== data/dsa-needed.txt ===================================== @@ -33,6 +33,8 @@ linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more 6.1.y versions -- +mediawiki (jmm) +-- netty -- nodejs View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04636165930eb7b0486dfc264a89b017b885685d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04636165930eb7b0486dfc264a89b017b885685d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
