[Secure-testing-commits] r43553 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Thu Jul 28 11:53:24 UTC 2016
Author: apo
Date: 2016-07-28 11:53:24 +0000 (Thu, 28 Jul 2016)
New Revision: 43553
Modified:
data/CVE/list
Log:
Add some notes about CVE-2016-5836
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-28 11:30:38 UTC (rev 43552)
+++ data/CVE/list 2016-07-28 11:53:24 UTC (rev 43553)
@@ -2300,6 +2300,9 @@
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
CVE-2016-5836 (The oEmbed protocol implementation in WordPress before 4.5.3 allows ...)
- wordpress 4.5.3+dfsg-1
+ NOTE: (Possible upstream ticket) https://core.trac.wordpress.org/ticket/36767
+ NOTE: Fixed by (Branch 4.4) https://core.trac.wordpress.org/changeset/37798
+ NOTE: Check if this makes sense. Seems to be the only change regarding oEmbed in 4.5.3
NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
CVE-2016-5835 (WordPress before 4.5.3 allows remote attackers to obtain sensitive ...)
- wordpress 4.5.3+dfsg-1
More information about the Secure-testing-commits
mailing list