[Secure-testing-commits] r34650 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Jun 1 21:10:14 UTC 2015
Author: sectracker
Date: 2015-06-01 21:10:14 +0000 (Mon, 01 Jun 2015)
New Revision: 34650
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-01 21:09:41 UTC (rev 34649)
+++ data/CVE/list 2015-06-01 21:10:14 UTC (rev 34650)
@@ -1886,7 +1886,7 @@
NOTE: Possibly introduced due to http://hg.dovecot.org/dovecot-2.2/rev/09d3c9c6f0ad
CVE-2015-3440 [Stored XSS]
RESERVED
- {DSA-3250-1}
+ {DSA-3250-1 DLA-236-1}
- wordpress 4.2.1+dfsg-1 (bug #783554)
NOTE: http://klikki.fi/adv/wordpress2.html
NOTE: https://wordpress.org/news/2015/04/wordpress-4-2-1/
@@ -1908,13 +1908,13 @@
NOTE: To be decided: http://www.openwall.com/lists/oss-security/2015/04/28/7
CVE-2015-3439 [limited cross-site scripting which could be used as part of a social engineering attack.]
RESERVED
- {DSA-3250-1}
+ {DSA-3250-1 DLA-236-1}
- wordpress 4.2+dfsg-1 (bug #783347)
NOTE: http://codex.wordpress.org/Version_4.1.2
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
CVE-2015-3438 [cross-site scriptiong vulnerability]
RESERVED
- {DSA-3250-1}
+ {DSA-3250-1 DLA-236-1}
- wordpress 4.2+dfsg-1 (bug #783347)
NOTE: http://codex.wordpress.org/Version_4.1.2
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
@@ -2155,7 +2155,7 @@
NOTE: CVE assignement for issue in http://marc.info/?l=linux-kernel&m=141271552117745&w=2
CVE-2015-3330 [PHP potential remote code execution with apache 2.4 apache2handler]
RESERVED
- {DLA-212-1}
+ {DSA-3198-1 DLA-212-1}
- php5 5.6.7+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69218
NOTE: https://bugs.php.net/bug.php?id=68486
@@ -12920,34 +12920,34 @@
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11155
NOTE: Upstream commit: https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e
CVE-2014-9039 (wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30431
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
CVE-2014-9038 (wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: https://core.trac.wordpress.org/changeset/30444
CVE-2014-9037 (WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
CVE-2014-9036 (Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
CVE-2014-9035 (Cross-site scripting (XSS) vulnerability in Press This in WordPress ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
CVE-2014-9034 (wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30467
CVE-2014-9033 (Cross-site request forgery (CSRF) vulnerability in wp-login.php in ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
NOTE: Upstream patch: http://core.trac.wordpress.org/changeset/30418
@@ -12957,7 +12957,7 @@
[squeeze] - wordpress <not-affected> (Affects 3.9, 3.9.1, 3.9.2, 4.0 only)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
CVE-2014-9031 (Cross-site scripting (XSS) vulnerability in the wptexturize function ...)
- {DSA-3085-1}
+ {DSA-3085-1 DLA-236-1}
- wordpress 4.0.1+dfsg-1 (bug #770425)
NOTE: https://wordpress.org/news/2014/11/wordpress-4-0-1/
CVE-2014-9028 (Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 ...)
More information about the Secure-testing-commits
mailing list