[Git][security-tracker-team/security-tracker][master] CVE-2018-14028,wordpress: Remove fixed version
Markus Koschany
apo at debian.org
Wed Oct 16 18:48:33 BST 2019
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5742eedb by Markus Koschany at 2019-10-16T17:46:52Z
CVE-2018-14028,wordpress: Remove fixed version
CVE-2018-14028 has not been fixed yet. The corresponding upstream bug report
is still open.
https://core.trac.wordpress.org/ticket/44710
There is also no mention of any fix in the changelog of wordpress 4.9.8
https://wordpress.org/support/wordpress-version/version-4.9.8/
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64989,7 +64989,7 @@ CVE-2018-14030
CVE-2018-14029 (CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allo ...)
NOT-FOR-US: Creatiwity wityCMS
CVE-2018-14028 (In WordPress 4.9.7, plugins uploaded via the admin area are not verifi ...)
- - wordpress 4.9.8+dfsg1-1 (bug #906565)
+ - wordpress <unfixed> (bug #906565)
[stretch] - wordpress <no-dsa> (Minor issue)
[jessie] - wordpress <postponed> (can be fixed with a later update)
NOTE: https://core.trac.wordpress.org/ticket/44710
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5742eedb5129e4be8cefc0e93ba6b6d80a395da0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5742eedb5129e4be8cefc0e93ba6b6d80a395da0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191016/6bc17751/attachment.html>
More information about the debian-security-tracker-commits
mailing list