[Git][security-tracker-team/security-tracker][master] Triage CVE-2020-4046 in wordpress for stretch LTS.
Chris Lamb
lamby at debian.org
Fri Jul 10 11:38:02 BST 2020
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b366ec1f by Chris Lamb at 2020-07-10T11:37:36+01:00
Triage CVE-2020-4046 in wordpress for stretch LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3903,6 +3903,7 @@ CVE-2020-4048 (In affected versions of WordPress, due to an issue in wp_validate
CVE-2020-4046 (In affected versions of WordPress, users with low privileges (like con ...)
{DSA-4709-1 DLA-2269-1}
- wordpress 5.4.2+dfsg1-1 (bug #962685)
+ [stretch] - wordpress <not-affected> (Not affected, title HTML attribute parsing added later despite being marked as fixed in 4.1.31+dfsg-0+deb8u1?)
NOTE: https://core.trac.wordpress.org/changeset/47947
NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rpwf-hrh2-39jf
CVE-2020-4047 (In affected versions of WordPress, authenticated users with upload per ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b366ec1f25678c94d9273bab075bbdb785004c64
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b366ec1f25678c94d9273bab075bbdb785004c64
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200710/823f14b6/attachment.html>
More information about the debian-security-tracker-commits
mailing list