[Secure-testing-commits] r57327 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Nov 4 22:42:37 UTC 2017


Author: carnil
Date: 2017-11-04 22:42:37 +0000 (Sat, 04 Nov 2017)
New Revision: 57327

Modified:
   data/CVE/list
Log:
Add notes for CVE-2012-6707

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-04 22:25:48 UTC (rev 57326)
+++ data/CVE/list	2017-11-04 22:42:37 UTC (rev 57327)
@@ -2453,6 +2453,8 @@
 CVE-2012-6707 (WordPress through 4.8.2 uses a weak MD5-based password hashing ...)
 	- wordpress <unfixed>
 	NOTE: https://core.trac.wordpress.org/ticket/21022
+	NOTE: Proposed patch (but not merged): https://core.trac.wordpress.org/attachment/ticket/21022/21022.3.diff
+	NOTE: Cf. https://core.trac.wordpress.org/ticket/21022#comment:80 and following.
 CVE-2017-15637
 	RESERVED
 CVE-2017-15636




More information about the Secure-testing-commits mailing list