[Secure-testing-commits] r44475 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 10 08:08:28 UTC 2016
Author: carnil
Date: 2016-09-10 08:08:28 +0000 (Sat, 10 Sep 2016)
New Revision: 44475
Modified:
data/CVE/list
Log:
Add changeset for CVE-2016-689{6,7}/wordpress
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-10 06:31:31 UTC (rev 44474)
+++ data/CVE/list 2016-09-10 08:08:28 UTC (rev 44475)
@@ -880,18 +880,18 @@
[wheezy] - lshell <not-affected> (Vulnerable code not present)
NOTE: https://github.com/ghantoos/lshell/issues/149
NOTE: http://www.openwall.com/lists/oss-security/2016/08/22/15
-CVE-2016-6897
+CVE-2016-6897 [CSRF]
RESERVED
- wordpress 4.6.1+dfsg-1 (bug #837090)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
- TODO: check older versions
-CVE-2016-6896
+ NOTE: https://core.trac.wordpress.org/changeset/38168
+CVE-2016-6896 [directory traversal vulnerability]
RESERVED
- wordpress 4.6.1+dfsg-1 (bug #837090)
NOTE: http://seclists.org/oss-sec/2016/q3/347
NOTE: https://sumofpwn.nl/advisory/2016/path_traversal_vulnerability_in_wordpress_core_ajax_handlers.html
- TODO: check older versions
+ NOTE: https://core.trac.wordpress.org/changeset/38168
CVE-2016-6893 (Cross-site request forgery (CSRF) vulnerability in the user options ...)
{DLA-608-1}
- mailman <unfixed> (bug #835970)
More information about the Secure-testing-commits
mailing list