[Git][security-tracker-team/security-tracker][master] Reserve DSA for wordpress update
Salvatore Bonaccorso
carnil at debian.org
Sat May 5 22:05:35 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
38f03010 by Salvatore Bonaccorso at 2018-05-05T23:05:14+02:00
Reserve DSA for wordpress update
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2253,6 +2253,7 @@ CVE-2018-9838 (The caml_ba_deserialize function in byterun/bigarray.c in the sta
NOTE: Before 4.06.0+beta1 the code is present in otherlibs/bigarray/bigarray_stubs.c
CVE-2018-10101 (Before WordPress 4.9.5, the URL validator assumed URLs with the ...)
- wordpress 4.9.5+dfsg1-1 (bug #895034)
+ [stretch] - wordpress 4.7.5+dfsg-2+deb9u3
[jessie] - wordpress <not-affected> (vulnerable code is not present)
[wheezy] - wordpress <not-affected> (vulnerable code is not present)
NOTE: https://core.trac.wordpress.org/changeset/42894
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[05 May 2018] DSA-4193-1 wordpress - security update
+ {CVE-2018-10100 CVE-2018-10102}
+ [jessie] - wordpress 4.1+dfsg-1+deb8u17
+ [stretch] - wordpress 4.7.5+dfsg-2+deb9u3
[04 May 2018] DSA-4192-1 libmad - security update
{CVE-2017-8372 CVE-2017-8373 CVE-2017-8374}
[jessie] - libmad 0.15.1b-8+deb8u1
=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -98,10 +98,6 @@ vlc (jmm)
--
wavpack (jmm)
--
-wordpress (carnil)
- Craig Small prepared update for stretch-security
- Craig Small and Markus Koschany working on jessie-security update, needs debdiff review
---
xen
--
zendframework/oldstable
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38f03010d052e62acb181efd11ec811ab9629fd9
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/38f03010d052e62acb181efd11ec811ab9629fd9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180505/b86db199/attachment.html>
More information about the debian-security-tracker-commits
mailing list