Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5742eedb by Markus Koschany at 2019-10-16T17:46:52Z CVE-2018-14028,wordpress: Remove fixed version CVE-2018-14028 has not been fixed yet. The corresponding upstream bug report is still open. https://core.trac.wordpress.org/ticket/44710 There is also no mention of any fix in the changelog of wordpress 4.9.8 https://wordpress.org/support/wordpress-version/version-4.9.8/ - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -64989,7 +64989,7 @@ CVE-2018-14030 CVE-2018-14029 (CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allo ...) NOT-FOR-US: Creatiwity wityCMS CVE-2018-14028 (In WordPress 4.9.7, plugins uploaded via the admin area are not verifi ...) - - wordpress 4.9.8+dfsg1-1 (bug #906565) + - wordpress <unfixed> (bug #906565) [stretch] - wordpress <no-dsa> (Minor issue) [jessie] - wordpress <postponed> (can be fixed with a later update) NOTE: https://core.trac.wordpress.org/ticket/44710 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5742eedb5129e4be8cefc0e93ba6b6d80a395da0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5742eedb5129e4be8cefc0e93ba6b6d80a395da0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
