[Secure-testing-commits] r28128 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 7 10:18:49 UTC 2014
Author: carnil
Date: 2014-08-07 10:18:49 +0000 (Thu, 07 Aug 2014)
New Revision: 28128
Modified:
data/CVE/list
Log:
Add fixed version for wordpress issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-07 10:11:08 UTC (rev 28127)
+++ data/CVE/list 2014-08-07 10:18:49 UTC (rev 28128)
@@ -1,18 +1,18 @@
CVE-2014-XXXX [cross-site scripting]
- - wordpress <unfixed> (bug #757312)
+ - wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: XSS: https://core.trac.wordpress.org/changeset/29398
TODO: check wheezy
CVE-2014-XXXX [protections against brute attacks against CSRF tokens]
- - wordpress <unfixed> (bug #757312)
+ - wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29384
NOTE: https://core.trac.wordpress.org/changeset/29408
TODO: check wheezy
CVE-2014-XXXX [unsafe serialization vulnerability]
- - wordpress <unfixed> (bug #757312)
+ - wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29389
TODO: check wheezy
CVE-2014-XXXX [XML entity expansion attack related to xmlrpc.php]
- - wordpress <unfixed> (bug #757312)
+ - wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
- drupal7 7.31-1
- drupal6 <removed>
@@ -7831,7 +7831,7 @@
[squeeze] - php-getid3 <not-affected> (Vulnerable code not present)
NOTE: owncloud advisory does not mention details for GetID3
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
- - wordpress <unfixed> (bug #757312)
+ - wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29390
TODO: check wheezy
CVE-2014-2052
More information about the Secure-testing-commits
mailing list