Bug#1108865: unblock: mediawiki/1:1.43.3+dfsg-1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1108865: unblock: mediawiki/1:1.43.3+dfsg-1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 06 Jul 2025 15:50:48 +0200
Message-id: <[🔎] 175180984893.3498673.15321828729183720064.reportbug@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1108865@bugs.debian.org

Package: release.debian.org
Severity: normal
X-Debbugs-Cc: mediawiki@packages.debian.org, team@security.debian.org, Taavi Väänänen <taavi@debian.org>, carnil@debian.org
Control: affects -1 + src:mediawiki
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi Release team, hi Taavi,

mediawiki was affected by some CVEs, namely:

   * New upstream version 1.43.3, fixing CVE-2025-6926, CVE-2025-6927,
     CVE-2025-6589, CVE-2025-6590, CVE-2025-6591, CVE-2025-6592, CVE-2025-6593,
     CVE-2025-6594, CVE-2025-6595, CVE-2025-6596, CVE-2025-6597.

corresponding  DSA was released some days ago:
https://lists.debian.org/debian-security-announce/2025/msg00121.html

Can you consider lowering the migration time for mediawiki itself?
(Otherwise it should be fine, it has autopkgtsts, is not a key package
and should go in as well at given time).

Regards,
Salvatore

Reply to:

Follow-Ups:
- Processed: unblock: mediawiki/1:1.43.3+dfsg-1
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1108865: unblock: mediawiki/1:1.43.3+dfsg-1
  - From: Taavi Väänänen <taavi@debian.org>
- Bug#1108865: marked as done (unblock: mediawiki/1:1.43.3+dfsg-1)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Processed: unblock: mediawiki/1:1.43.3+dfsg-1
Next by Date: Processed: unblock: node-tar-fs/3.0.9+~cs2.0.4-1
Previous by thread: Bug#1108864: marked as done ([discussion] unblock: libpgjava/42.7.7-1)
Next by thread: Processed: unblock: mediawiki/1:1.43.3+dfsg-1
Index(es):
- Date
- Thread