[Secure-testing-commits] r49608 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Mar 12 16:21:13 UTC 2017


Author: carnil
Date: 2017-03-12 16:21:13 +0000 (Sun, 12 Mar 2017)
New Revision: 49608

Modified:
   data/CVE/list
Log:
CVE-2017-6815/wordpress updated

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-12 16:19:17 UTC (rev 49607)
+++ data/CVE/list	2017-03-12 16:21:13 UTC (rev 49608)
@@ -22,8 +22,6 @@
 	TODO: check
 CVE-2017-6816 (In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can ...)
 	TODO: check
-CVE-2017-6815 (In WordPress before 4.7.3 (wp-includes/pluggable.php), control ...)
-	TODO: check
 CVE-2017-6820 [XSS issue in handling of a style tag inside of an svg element]
 	- roundcube <unfixed> (bug #857473)
 	NOTE: https://github.com/roundcube/roundcubemail/commit/fa2824fdcd44af3f970b2797feb47652482c8305
@@ -660,7 +658,7 @@
 	- wordpress 4.7.3+dfsg-1 (bug #857026)
 	NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 	NOTE: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
-CVE-2017-XXXX [Control characters can trick redirect URL validation]
+CVE-2017-6815 [Control characters can trick redirect URL validation]
 	- wordpress 4.7.3+dfsg-1 (bug #857026)
 	NOTE: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 	NOTE: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e




More information about the Secure-testing-commits mailing list