[Secure-testing-commits] r48021 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 14 08:03:32 UTC 2017
Author: carnil
Date: 2017-01-14 08:03:32 +0000 (Sat, 14 Jan 2017)
New Revision: 48021
Modified:
data/CVE/list
Log:
Add bug reference for wordpress
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-14 07:54:40 UTC (rev 48020)
+++ data/CVE/list 2017-01-14 08:03:32 UTC (rev 48021)
@@ -1,34 +1,34 @@
CVE-2017-XXXX [WordPress 4.7 - User Information Disclosure via REST API]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8715
NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
CVE-2017-XXXX [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8716
NOTE: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
CVE-2017-XXXX [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8717
CVE-2017-XXXX [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8718
NOTE: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
CVE-2017-XXXX [WordPress <= 4.7 - Post via Email Checks mail.example.com by Default]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8719
NOTE: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
CVE-2017-XXXX [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8720
NOTE: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
CVE-2017-XXXX [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)]
- - wordpress 4.7.1+dfsg-1
+ - wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
NOTE: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
More information about the Secure-testing-commits
mailing list