Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
35890f3e by Moritz Muehlenhoff at 2026-06-30T20:49:24+02:00
first batch of mediawiki issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,24 @@
+CVE-2026-58032 [mw.Api.getErrorMessage: Treat formatversion=1 as text]
+       - mediawiki <unfixed>
+       NOTE: https://phabricator.wikimedia.org/T426867
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306213 (main)
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306310 
(REL1_43)
+CVE-2026-58033 [Exclude rev-deleted usernames from distinct authors query]
+       - mediawiki <unfixed>
+       NOTE: https://phabricator.wikimedia.org/T427235
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306212 (main)
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306309 
(REL1_43)
+CVE-2026-58028 [Disallow user JS in pretty-print api.php responses]
+       - mediawiki <unfixed>
+       NOTE: http://phabricator.wikimedia.org/T422306
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306211 (main)
+       NOTE: 
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/1306216 
(main)
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306308 
(REL1_43)
+       NOTE: 
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/1306320 
(REL1_43)
+CVE-2026-58036 [Fix ApiQueryUsers leaking status ofprivate user conditions for 
user]
+       - mediawiki <not-affected> (Only affects 1.46 and later)
+       NOTE: https://phabricator.wikimedia.org/T425406
+       NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1306035 (main)
 CVE-2026-13766
        NOT-FOR-US: DBIx::QuickORM Perl module
 CVE-2026-57082



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35890f3e969bfed4d746f648b1a002c81bc59f2e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35890f3e969bfed4d746f648b1a002c81bc59f2e
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to