Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2aacb17a by Moritz Muehlenhoff at 2025-10-02T21:03:13+02:00 initial batch of mediawiki issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,21 @@ +CVE-2025-61637 [Escape three system messages used by live preview] + - mediawiki <unfixed> + [bookworm] - mediawiki <not-affected> (Vulnerable code not present) + [bullseye] - mediawiki <not-affected> (Vulnerable code not present) + NOTE: https://phabricator.wikimedia.org/T394856 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1193171 +CVE-2025-61636 [Escape rawElement $content] + - mediawiki <unfixed> + [bookworm] - mediawiki <not-affected> (Vulnerable code not present) + [bullseye] - mediawiki <not-affected> (Vulnerable code not present) + NOTE: https://phabricator.wikimedia.org/T394396 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1193170 +CVE-2025-61634 [REST: Set cache-control value of max-age=60 for redirects] + - mediawiki <unfixed> + [bookworm] - mediawiki <not-affected> (Redirect introduced in 1.40) + [bullseye] - mediawiki <not-affected> (Redirect introduced in 1.40) + NOTE: https://phabricator.wikimedia.org/T387478 + NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1153370 CVE-2025-9697 (The Ajax WooSearch WordPress plugin through 1.0.0 does not properly sa ...) NOT-FOR-US: WordPress plugin CVE-2025-9587 (The CTL Behance Importer Lite WordPress plugin through 1.0 does not pr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aacb17a3032d507742956d6ddc3b2e6019680ac -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aacb17a3032d507742956d6ddc3b2e6019680ac You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
