[Secure-testing-commits] r58820 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 21 20:06:30 UTC 2017
Author: carnil
Date: 2017-12-21 20:06:30 +0000 (Thu, 21 Dec 2017)
New Revision: 58820
Modified:
data/CVE/list
Log:
Slightly sort one entry
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 19:40:21 UTC (rev 58819)
+++ data/CVE/list 2017-12-21 20:06:30 UTC (rev 58820)
@@ -15512,9 +15512,9 @@
CVE-2017-14990 (WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but ...)
{DSA-3997-1}
- wordpress 4.8.2+dfsg-2 (bug #877629)
+ [wheezy] - wordpress <ignored> (Fix requires database upgrade which is too intrusive compared to the actual benefit.)
NOTE: https://core.trac.wordpress.org/ticket/38474
NOTE: Wordpress in Wheezy requires a database upgrade and backports of new functions
- [wheezy] - wordpress <ignored> (Fix requires database upgrade which is too intrusive compared to the actual benefit.)
CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in ...)
{DSA-4040-1 DSA-4032-1 DLA-1131-1}
- imagemagick <unfixed> (bug #878562)
More information about the Secure-testing-commits
mailing list