[Secure-testing-commits] r52322 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jun 5 12:54:09 UTC 2017
Author: carnil
Date: 2017-06-05 12:54:09 +0000 (Mon, 05 Jun 2017)
New Revision: 52322
Modified:
data/CVE/list
Log:
Add fixing version for CVE-2017-8295/wordpress, #862053
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-05 12:50:08 UTC (rev 52321)
+++ data/CVE/list 2017-06-05 12:54:09 UTC (rev 52322)
@@ -3205,7 +3205,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/9
CVE-2017-8295 (WordPress through 4.7.4 relies on the Host HTTP header for a ...)
{DSA-3870-1 DLA-975-1}
- - wordpress <unfixed> (bug #862053)
+ - wordpress 4.7.5+dfsg-2 (bug #862053)
NOTE: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
NOTE: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
NOTE: https://core.trac.wordpress.org/ticket/25239
More information about the Secure-testing-commits
mailing list