[Git][security-tracker-team/security-tracker][master] CVE-2024-31210/wordpress assigned

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 5 10:13:36 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79c9c55f by Salvatore Bonaccorso at 2024-04-05T11:13:05+02:00
CVE-2024-31210/wordpress assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,10 @@ CVE-2024-31498 (ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, whe
 CVE-2024-31212 (InstantCMS is a free and open source content management system. A SQL  ...)
 	NOT-FOR-US: InstantCMS
 CVE-2024-31210 (WordPress is an open publishing platform for the Web. It's possible fo ...)
-	TODO: check
+	- wordpress 6.4.3+dfsg1-1
+	[buster] - wordpress 5.0.21+dfsg1-0+deb10u1
+	NOTE: https://wordpress.org/news/2024/01/wordpress-6-4-3-maintenance-and-security-release/
+	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x79f-xrjv-jx5r
 CVE-2024-31206 (dectalk-tts is a Node package to interact with the aeiou Dectalk web A ...)
 	TODO: check
 CVE-2024-31204 (mailcow: dockerized is an open source groupware/email suite based on d ...)
@@ -15245,9 +15248,6 @@ CVE-2024-0985 (Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=d541ce3b6f0582723150f45d52eab119985d3c19 (REL_13_14)
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=2699fc035a75d0774c1f013e9320882287f78adb (REL_12_18)
 	NOTE: Commits have wrong CVE mentioned but the correct one is CVE-2024-0985
-CVE-2024-XXXX [wordpress 6.4.3 security issues]
-	- wordpress 6.4.3+dfsg1-1
-	NOTE: https://wordpress.org/news/2024/01/wordpress-6-4-3-maintenance-and-security-release/
 CVE-2024-25148 (In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, ...)
 	NOT-FOR-US: Liferay Portal
 CVE-2024-25146 (Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, an ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79c9c55f6487ffe4ba6315af8a8f185c564c7fe8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79c9c55f6487ffe4ba6315af8a8f185c564c7fe8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240405/6a6301f2/attachment.htm>

More information about the debian-security-tracker-commits mailing list