[Git][security-tracker-team/security-tracker][master] Add fixed version for wordpress issues via unstable
Salvatore Bonaccorso
carnil at debian.org
Sat Dec 28 21:24:39 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
49fd33c9 by Salvatore Bonaccorso at 2019-12-28T20:21:51Z
Add fixed version for wordpress issues via unstable
Those issues were fixed in 5.3.1 upstream and included in the wordpress
upload to unstable as 5.3.2+dfsg1-1.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1206,26 +1206,26 @@ CVE-2019-19835
CVE-2019-19834
RESERVED
CVE-2019-20043 (WordPress before 5.3.1 allowed an unauthenticated user to make a post ...)
- - wordpress <unfixed> (bug #946905)
+ - wordpress 5.3.2+dfsg1-1 (bug #946905)
NOTE: https://core.trac.wordpress.org/changeset/46893/trunk
NOTE: https://github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9
NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-20042 (WordPress before 5.3.1 allowed an attacker to create a cross-site scri ...)
- - wordpress <unfixed> (bug #946905)
+ - wordpress 5.3.2+dfsg1-1 (bug #946905)
NOTE: https://core.trac.wordpress.org/changeset/46894/trunk
NOTE: https://github.com/WordPress/wordpress-develop/commit/1f7f3f1f59567e2504f0fbebd51ccf004b3ccb1d
NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-20041 (wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 ...)
- - wordpress <unfixed> (bug #946905)
+ - wordpress 5.3.2+dfsg1-1 (bug #946905)
NOTE: https://github.com/WordPress/wordpress-develop/commit/b1975463dd995da19bb40d3fa0786498717e3c53
NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-16781 (In WordPress before 5.3.1, authenticated users with lower privileges ( ...)
- - wordpress <unfixed> (bug #946905)
+ - wordpress 5.3.2+dfsg1-1 (bug #946905)
NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v
NOTE: https://hackerone.com/reports/731301
NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-16780 (WordPress users with lower privileges (like contributors) can inject J ...)
- - wordpress <unfixed> (bug #946905)
+ - wordpress 5.3.2+dfsg1-1 (bug #946905)
NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x3wp-h3qx-9w94
NOTE: https://github.com/WordPress/wordpress-develop/commit/505dd6a20b6fc3d06130018c1caeff764248c29e
NOTE: https://hackerone.com/reports/738644
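Review bot: the CVE-2019-16781 entry has no NOTE pointing at the upstream fixing commit. Its notes list only the GitHub advisory, the HackerOne report and the release announcement, while the other four entries touched here (CVE-2019-20043, CVE-2019-20042, CVE-2019-20041, CVE-2019-16780) each carry a wordpress-develop commit NOTE. Consider adding the commit reference there so the fix can be checked against the 5.3.2+dfsg1-1 source. In the same pass, CVE-2019-16780 is the only entry without the wordpress.org 5.3.1 release announcement NOTE that the others have. The fixed version 5.3.2+dfsg1-1 sits next to descriptions that say "before 5.3.1"; the commit message explains why, so the changed lines themselves look consistent across all five entries and keep the same bug #946905 reference.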
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/49fd33c9bdb6b224629bfc12cc2322d58612336e