[Secure-testing-commits] r34080 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue May 5 08:07:07 UTC 2015
Author: carnil
Date: 2015-05-05 08:07:06 +0000 (Tue, 05 May 2015)
New Revision: 34080
Modified:
data/CVE/list
Log:
Updates for wordpress issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-05 06:04:54 UTC (rev 34079)
+++ data/CVE/list 2015-05-05 08:07:06 UTC (rev 34080)
@@ -165,11 +165,15 @@
NOTE: https://core.trac.wordpress.org/changeset/32299
CVE-2015-XXXX [Some plugins were vulnerable to an SQL injection vulnerability]
- wordpress 4.2+dfsg-1 (bug #783347)
+ [jessie] - wordpress 4.1+dfsg-1+deb8u1
+ [wheezy] - wordpress 3.6.1+dfsg-1~deb7u6
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/2
NOTE: To be decided: http://www.openwall.com/lists/oss-security/2015/04/28/7
CVE-2015-XXXX [files with invalid or unsafe names could be uploaded]
- wordpress 4.2+dfsg-1 (bug #783347)
+ [jessie] - wordpress 4.1+dfsg-1+deb8u1
+ [wheezy] - wordpress <not-affected> (File upload vulnerability only in WordPress 4.1 and higher)
NOTE: https://wordpress.org/news/2015/04/wordpress-4-1-2/
NOTE: NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/2
NOTE: To be decided: http://www.openwall.com/lists/oss-security/2015/04/28/7
More information about the Secure-testing-commits
mailing list