[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-43504/wordpress

Guilhem Moulin (@guilhem) guilhem at debian.org
Mon Apr 24 14:10:30 BST 2023



Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker


Commits:
05f299b5 by Guilhem Moulin at 2023-04-24T15:10:13+02:00
Triage CVE-2022-43504/wordpress

- - - - -
cd20d498 by Guilhem Moulin at 2023-04-24T15:10:15+02:00
Triage CVE-2022-{43497,43500,XXXXX}/wordpress

WordPress 6.0.3 release notes have many (>3) XSS vulnerability fixes;
not clear exactly which ones CVE-2022-{43497,43500,XXXXX} refer to, but
I checked that all security fixes coming with 6.0.3 were also backported
in 5.0.18's https://core.trac.wordpress.org/changeset/54571 .  (Except
{search, feature image, RSS, widget} block XSS fixes, as the code is not
present in 5.0.)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43542,17 +43542,19 @@ CVE-2022-43508 (Use-after free vulnerability exists in CX-Programmer v.9.77 and
 CVE-2022-43504 (Improper authentication vulnerability in WordPress versions prior to 6 ...)
 	{DSA-5279-1}
 	- wordpress 6.0.3+dfsg1-1 (bug #1022575)
-	[buster] - wordpress <postponed> (wait for CVE assignment)
+	[buster] - wordpress 5.0.18+dfsg1-0+deb10u1
 	NOTE: https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
+	NOTE: Fixed by: https://core.trac.wordpress.org/changeset/54531 (6.0)
+	NOTE: Follow-up: https://core.trac.wordpress.org/changeset/54533 (6.0)
 CVE-2022-43500 (Cross-site scripting vulnerability in WordPress versions prior to 6.0. ...)
 	{DSA-5279-1}
 	- wordpress 6.0.3+dfsg1-1 (bug #1022575)
-	[buster] - wordpress <postponed> (wait for CVE assignment)
+	[buster] - wordpress 5.0.18+dfsg1-0+deb10u1
 	NOTE: https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
 CVE-2022-43497 (Cross-site scripting vulnerability in WordPress versions prior to 6.0. ...)
 	{DSA-5279-1}
 	- wordpress 6.0.3+dfsg1-1 (bug #1022575)
-	[buster] - wordpress <postponed> (wait for CVE assignment)
+	[buster] - wordpress 5.0.18+dfsg1-0+deb10u1
 	NOTE: https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
 CVE-2022-43487 (Cross-site scripting vulnerability in Salon booking system versions pr ...)
 	NOT-FOR-US: Salon booking system
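Review bot: the "Fixed by" and "Follow-up" NOTE lines added here cite only the 6.0 changesets (54531 and 54533), while the buster line now marks the issue fixed in 5.0.18+dfsg1-0+deb10u1 and the commit message says the backport was verified against https://core.trac.wordpress.org/changeset/54571 in 5.0.18; recording that changeset as a NOTE on CVE-2022-43504 (and on CVE-2022-43500 and CVE-2022-43497, which get no new NOTE at all in this hunk) would keep the evidence for the buster fix version in the tracker rather than only in the commit log.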
@@ -55846,7 +55848,7 @@ CVE-2006-20001 (A carefully crafted If: request header can cause a memory read,
 CVE-2022-XXXX [wordpress 6.0.3]
 	- wordpress 6.0.3+dfsg1-1 (bug #1022575)
 	[bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
-	[buster] - wordpress <postponed> (wait for CVE assignment)
+	[buster] - wordpress 5.0.18+dfsg1-0+deb10u1
 	NOTE: https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
 	NOTE: Some issues covered by CVE-2022-43497, CVE-2022-43500 and CVE-2022-43504
 CVE-2022-XXXX [wordpress 6.0.2]
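Review bot: the CVE-2022-XXXX [wordpress 6.0.3] entry is switched to fixed for buster without a NOTE capturing the exception stated in the commit message, namely that the {search, feature image, RSS, widget} block XSS fixes from 6.0.3 were not backported to 5.0.18 because that code is not present in 5.0; since this placeholder entry covers the still-unassigned issues, a NOTE such as "NOTE: block XSS fixes not backported to 5.0.18 (code not present in 5.0)" would stop a later reader from assuming every 6.0.3 fix is in 5.0.18+dfsg1-0+deb10u1 once the remaining CVE IDs are assigned.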



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/88028fdad75aa51bddad4a51f282f36b1c143136...cd20d4983d4d2d9c5e8463d89bd1c9e1b9928b50


