[Secure-testing-commits] r28307 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Aug 16 09:17:55 UTC 2014
Author: carnil
Date: 2014-08-16 09:17:55 +0000 (Sat, 16 Aug 2014)
New Revision: 28307
Modified:
data/CVE/list
Log:
CVE-2014-5266 added (wordpress and drupal7)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-16 09:14:19 UTC (rev 28306)
+++ data/CVE/list 2014-08-16 09:17:55 UTC (rev 28307)
@@ -17,6 +17,12 @@
- libgcrypt11 1.5.4-1
- libgcrypt20 1.6.0-2
NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html
+CVE-2014-5266 [XML entity expansion attack related to xmlrpc.php]
+ - wordpress 3.9.2+dfsg-1 (bug #757312)
+ NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
+ - drupal7 7.31-1
+ - drupal6 <removed>
+ NOTE: https://www.drupal.org/SA-CORE-2014-004
CVE-2014-5265 [XML entity expansion attack related to xmlrpc.php]
{DSA-3001-1 DSA-2999-1}
- wordpress 3.9.2+dfsg-1 (bug #757312)
More information about the Secure-testing-commits
mailing list