[Git][security-tracker-team/security-tracker][master] Unify wordpress changes fo the 6.0.2 update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Oct 19 17:00:50 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea0bb1cd by Salvatore Bonaccorso at 2024-10-19T18:00:23+02:00
Unify wordpress changes fo the 6.0.2 update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -876,9 +876,11 @@ CVE-2023-7286 (The plugin ACF Quick Edit Fields for WordPress is vulnerable to I
 CVE-2022-4974 (The Freemius SDK, as used by hundreds of WordPress plugin and theme de ...)
 	NOT-FOR-US: WordPress plugin SDK
 CVE-2022-4973 (WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticate ...)
-	- wordpress 6.0.2+dfsg1-1
+	- wordpress 6.0.2+dfsg1-1 (bug #1018863)
 	[bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
-	NOTE: https://core.trac.wordpress.org/changeset/53961
+	[buster] - wordpress 5.0.17+dfsg1-0+deb10u1
+	NOTE: https://core.trac.wordpress.org/changeset/53961 (branches/6.0)
+	NOTE: https://core.trac.wordpress.org/changeset/53973 (branches/5.0)
 	NOTE: https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/
 CVE-2022-4972 (The Download Monitor plugin for WordPress is vulnerable to authorizati ...)
 	NOT-FOR-US: WordPress plugin
@@ -171926,12 +171928,6 @@ CVE-2022-XXXX [wordpress 6.0.3]
 	[buster] - wordpress 5.0.18+dfsg1-0+deb10u1
 	NOTE: https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
 	NOTE: Some issues covered by CVE-2022-43497, CVE-2022-43500 and CVE-2022-43504
-CVE-2022-XXXX [wordpress 6.0.2]
-	- wordpress 6.0.2+dfsg1-1 (bug #1018863)
-	[bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
-	[buster] - wordpress 5.0.17+dfsg1-0+deb10u1
-	NOTE: https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/
-	NOTE: https://core.trac.wordpress.org/changeset/53973 (5.0)
 CVE-2022-39079
 	RESERVED
 CVE-2022-39078



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea0bb1cd77ffe99cd3934adcca7c2492c11ee9c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea0bb1cd77ffe99cd3934adcca7c2492c11ee9c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241019/c4ed69b0/attachment.htm>

More information about the debian-security-tracker-commits mailing list