[Secure-testing-commits] r44451 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Sep 9 12:24:39 UTC 2016
Author: carnil
Date: 2016-09-09 12:24:39 +0000 (Fri, 09 Sep 2016)
New Revision: 44451
Modified:
data/CVE/list
Log:
Add fixed version for four CVEs in wordpress
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-09 11:57:36 UTC (rev 44450)
+++ data/CVE/list 2016-09-09 12:24:39 UTC (rev 44451)
@@ -18,12 +18,12 @@
RESERVED
CVE-2016-7169 [a path traversal vulnerability in the upgrade package uploader]
RESERVED
- - wordpress <unfixed>
+ - wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
CVE-2016-7168 [a cross-site scripting vulnerability via image filename]
RESERVED
- - wordpress <unfixed>
+ - wordpress 4.6.1+dfsg-1
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
CVE-2016-7167
@@ -812,13 +812,13 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15
CVE-2016-6897
RESERVED
- - wordpress <unfixed> (bug #837090)
+ - wordpress 4.6.1+dfsg-1 (bug #837090)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
TODO: check older versions
CVE-2016-6896
RESERVED
- - wordpress <unfixed> (bug #837090)
+ - wordpress 4.6.1+dfsg-1 (bug #837090)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
TODO: check older versions
More information about the Secure-testing-commits
mailing list