author Moritz Muehlenhoff <jmm@debian.org> 2023-07-01 20:13:52 +0200
committer Moritz Muehlenhoff <jmm@debian.org> 2023-07-01 20:13:52 +0200
commit a624e0ab90803c56de9fef3d2845ffd0f08d5e5c
tree 70fbaef972b0779696ed8a541f179dde675da857
parent d0a7148d1b64392bbdcc46e3d58e1451fe7961d9
mediawiki fixed in sid
-rw-r--r-- data/CVE/list 12
-rw-r--r-- data/dsa-needed.txt 2
2 files changed, 8 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 2b4b2838c8..f2f250d0a2 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,7 @@
+CVE-2023-36674 [Manualthumb bypasses badFile lookup]
+ - mediawiki 1:1.39.4-1
+ NOTE: https://phabricator.wikimedia.org/T335612
+ NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/934571/
CVE-2023-37252
NOT-FOR-US: MediaWiki extension CheckUser
CVE-2023-37253
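Review bot: the new CVE-2023-36674 entry gives only the sid fixed version and two upstream links, and its bracketed description carries no version range, unlike the CVE-2023-36675 description later in this file ("before 1.35.11, 1.36.x through ..."). A NOTE line stating which upstream release lines contain the fix would help whoever prepares the update tracked by the new mediawiki entry in data/dsa-needed.txt.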
@@ -652,9 +656,7 @@ CVE-2023-2993 (A valid, authenticated user with limited privileges may be able t
CVE-2023-2992 (An unauthenticated denial of service vulnerability exists in the SMM v ...)
NOT-FOR-US: Lenovo
CVE-2023-36675 (An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1. ...)
- - mediawiki <unfixed>
- [bookworm] - mediawiki <postponed> (Fix in next security release)
- [bullseye] - mediawiki <postponed> (Fix in next security release)
+ - mediawiki 1:1.39.4-1
NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/921452
NOTE: https://phabricator.wikimedia.org/T332889
CVE-2023-36666 (INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page ...)
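Review bot: the removed "[bookworm]" and "[bullseye]" lines tagged "<postponed> (Fix in next security release)" are a triage change for the stable releases, but the commit message "mediawiki fixed in sid" only mentions unstable. If the markers are dropped because the fix is now being handled through the mediawiki entry added to data/dsa-needed.txt, say so in the message so the change in status can be found from the log.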
@@ -12086,9 +12088,7 @@ CVE-2023-29143
CVE-2023-29142
RESERVED
CVE-2023-29141 (An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1. ...)
- - mediawiki <unfixed>
- [bookworm] - mediawiki <no-dsa> (Minor issue)
- [bullseye] - mediawiki <no-dsa> (Minor issue)
+ - mediawiki 1:1.39.4-1
[buster] - mediawiki <no-dsa> (Minor issue)
NOTE: https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39
NOTE: https://phabricator.wikimedia.org/T285159
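Review bot: in the CVE-2023-29141 entry the "<no-dsa> (Minor issue)" lines for bookworm and bullseye are removed while the "[buster]" line with the same tag is kept, so the releases now carry different triage states for one issue. Please confirm that leaving buster at no-dsa is intended rather than an oversight, and mention the reclassification of the other two in the commit message.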
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index e3500b2f13..3987749e08 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -30,6 +30,8 @@ linux (carnil)
Wait until more issues have piled up, though try to regulary rebase for point
releases to more recent v5.10.y versions
--
+mediawiki (jmm)
+--
nbconvert/oldstable
Guilhem Moulin proposed an update ready for review
--
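Review bot: the added "mediawiki (jmm)" entry has no suite suffix and no status line, while the neighbouring entries carry one ("nbconvert/oldstable" with a note on the proposed update). Consider a short line under it naming CVE-2023-36674, CVE-2023-36675 and CVE-2023-29141, so that a reader of dsa-needed.txt can see what the pending update covers and for which releases.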
