[Secure-testing-commits] r28308 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Aug 16 09:18:02 UTC 2014
Author: carnil
Date: 2014-08-16 09:18:02 +0000 (Sat, 16 Aug 2014)
New Revision: 28308
Modified:
data/CVE/list
Log:
CVE-2014-5267/drupal7
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-16 09:17:55 UTC (rev 28307)
+++ data/CVE/list 2014-08-16 09:18:02 UTC (rev 28308)
@@ -17,6 +17,8 @@
- libgcrypt11 1.5.4-1
- libgcrypt20 1.6.0-2
NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html
+CVE-2014-5267 [ code change to reject any XRDS document with a /<!DOCTYPE/i match]
+ - drupal7 7.31-1
CVE-2014-5266 [XML entity expansion attack related to xmlrpc.php]
- wordpress 3.9.2+dfsg-1 (bug #757312)
NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
More information about the Secure-testing-commits
mailing list