[Secure-testing-commits] r48073 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 15 09:23:16 UTC 2017
Author: carnil
Date: 2017-01-15 09:23:16 +0000 (Sun, 15 Jan 2017)
New Revision: 48073
Modified:
data/CVE/list
Log:
Remove CVE request marker for assigned CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-15 07:57:06 UTC (rev 48072)
+++ data/CVE/list 2017-01-15 09:23:16 UTC (rev 48073)
@@ -1,35 +1,35 @@
CVE-2017-5487 [WordPress 4.7 - User Information Disclosure via REST API]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8715
NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
CVE-2017-5488 [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8716
NOTE: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
CVE-2017-5489 [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8717
CVE-2017-5490 [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8718
NOTE: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
CVE-2017-5491 [WordPress <= 4.7 - Post via Email Checks mail.example.com by Default]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8719
NOTE: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
CVE-2017-5492 [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8720
NOTE: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
CVE-2017-5493 [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)]
- wordpress 4.7.1+dfsg-1 (bug #851310)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1
+ NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
NOTE: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
CVE-2017-5356 [Irssi out of bounds read in format string]
More information about the Secure-testing-commits
mailing list