[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for wordpress issues
Salvatore Bonaccorso
carnil at debian.org
Mon Nov 2 05:54:52 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
31e47650 by Salvatore Bonaccorso at 2020-11-02T06:40:34+01:00
Add Debian bug reference for wordpress issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,38 +11,38 @@ CVE-2020-28042 (ServiceStack before 5.9.2 mishandles JWT signature verification
CVE-2020-28041 (The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 ...)
NOT-FOR-US: Netgear
CVE-2020-28040 (WordPress before 5.5.2 allows CSRF attacks that change a theme's backg ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://blog.wpscan.com/2020/10/30/wordpress-5.5.2-security-release.html
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28039 (is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 al ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
NOTE: https://wpscan.com/vulnerability/10452
CVE-2020-28038 (WordPress before 5.5.2 allows stored XSS via post slugs. ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28037 (is_blog_installed in wp-includes/functions.php in WordPress before 5.5 ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://github.com/WordPress/wordpress-develop/commit/2ca15d1e5ce70493c5c0c096ca0c76503d6da07c
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
NOTE: https://wpscan.com/vulnerability/10450
CVE-2020-28036 (wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allow ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://github.com/WordPress/wordpress-develop/commit/c9e6b98968025b1629015998d12c3102165a7d32
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
NOTE: https://wpscan.com/vulnerability/10449
CVE-2020-28035 (WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28034 (WordPress before 5.5.2 allows XSS associated with global variables. ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28033 (WordPress before 5.5.2 mishandles embeds from disabled sites on a mult ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28032 (WordPress before 5.5.2 mishandles deserialization requests in wp-inclu ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (bug #973562)
NOTE: https://github.com/WordPress/wordpress-develop/commit/add6bedf3a53b647d0ebda2970057912d3cd79d3
NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
NOTE: https://wpscan.com/vulnerability/10446
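Review bot: The entries for CVE-2020-28040, CVE-2020-28038, CVE-2020-28035, CVE-2020-28034 and CVE-2020-28033 carry only release-announcement or blog NOTE lines, while the other four touched entries (CVE-2020-28039, CVE-2020-28037, CVE-2020-28036, CVE-2020-28032) link the upstream wordpress-develop fix commit. Now that all nine entries point at the same bug #973562, adding the fixing-commit NOTE to those five once the commits are identified would let the fixes be tracked per CVE rather than only per release. The commit message could also name the bug number so the log is searchable by it.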
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31e4765002100164c64dc4d7e996cd40cff355ee