[Git][security-tracker-team/security-tracker][master] CVE-2017-8295/wordpress: reference recent sanctioned commit
Sylvain Beucler
beuc at debian.org
Wed Sep 9 13:57:09 BST 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1f6c23d5 by Sylvain Beucler at 2020-09-09T14:56:50+02:00
CVE-2017-8295/wordpress: reference recent sanctioned commit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -199346,6 +199346,7 @@ CVE-2017-8295 (WordPress through 4.7.4 relies on the Host HTTP header for a pass
NOTE: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
NOTE: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
NOTE: https://core.trac.wordpress.org/ticket/25239
+ NOTE: https://core.trac.wordpress.org/changeset/48601 (5.5)
CVE-2017-8294 (libyara/re.c in the regex component in YARA 3.5.0 allows remote attack ...)
- yara 3.6.0+dfsg-1 (bug #861590)
[stretch] - yara <ignored> (Minor issue, too intrusive to backport)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f6c23d5dbdd1766a38ee7273e6f1139a45befaa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f6c23d5dbdd1766a38ee7273e6f1139a45befaa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200909/874212e7/attachment.html>
More information about the debian-security-tracker-commits
mailing list