[Git][security-tracker-team/security-tracker][master] Add CVEs for wordpress
Salvatore Bonaccorso
carnil at debian.org
Sat Apr 14 20:08:55 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bfef9291 by Salvatore Bonaccorso at 2018-04-14T21:06:29+02:00
Add CVEs for wordpress
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -618,15 +618,18 @@ CVE-2018-9838 (The caml_ba_deserialize function in byterun/bigarray.c in the sta
NOTE: https://caml.inria.fr/mantis/view.php?id=7765
NOTE: https://github.com/ocaml/ocaml/pull/1718
NOTE: Before 4.06.0+beta1 the code is present in otherlibs/bigarray/bigarray_stubs.c
-CVE-2018-XXXX [wordpress: Don't treat localhost as same host by default]
+CVE-2018-10101 [wordpress: Don't treat localhost as same host by default]
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42894
-CVE-2018-XXXX [wordpress: Use safe redirects when redirecting the login page if SSL is forced]
+ NOTE: https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
+CVE-2018-10100 [wordpress: Use safe redirects when redirecting the login page if SSL is forced]
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42892
-CVE-2018-XXXX [wordpress: Make sure the version string is correctly escaped for use in generator tags]
+ NOTE: https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
+CVE-2018-10102 [wordpress: Make sure the version string is correctly escaped for use in generator tags]
- wordpress 4.9.5+dfsg1-1 (bug #895034)
NOTE: https://core.trac.wordpress.org/changeset/42893
+ NOTE: https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
CVE-2018-9837
RESERVED
CVE-2018-9836
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bfef9291691f906864329d68e95ba23c78fd121f
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bfef9291691f906864329d68e95ba23c78fd121f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180414/01b66b07/attachment.html>
More information about the debian-security-tracker-commits
mailing list