[Secure-testing-commits] r41520 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat May 7 17:43:40 UTC 2016
Author: carnil
Date: 2016-05-07 17:43:40 +0000 (Sat, 07 May 2016)
New Revision: 41520
Modified:
data/CVE/list
Log:
CVE-2016-4567 assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-07 17:33:15 UTC (rev 41519)
+++ data/CVE/list 2016-05-07 17:43:40 UTC (rev 41520)
@@ -1,8 +1,10 @@
-CVE-2016-XXXX [XSS]
- - mediaelement <unfixed> (bug #823649)
+CVE-2016-4567 [XSS]
+ - mediaelement <unfixed> (unimportant; bug #823649)
NOTE: https://core.trac.wordpress.org/changeset/37370
NOTE: Fixed by: https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/07/2
+ NOTE: Vulnerable code present, but Flash Player disabled in Debian
+ NOTE: See 0004-Deactivate-Flash-and-Silverlight.patch
+ NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/2
CVE-2016-XXXX [XSS]
- wordpress 4.5.2+dfsg-1 (bug #823640)
[jessie] - wordpress <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list