Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ddd79095 by Moritz Muehlenhoff at 2023-02-16T16:20:19+01:00
wordpress CVE assignments for issues fixed back in 6.0.3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9522,7 +9522,7 @@ CVE-2023-22624 (Zoho ManageEngine Exchange Reporter Plus
before 5708 allows atta
CVE-2023-22623
RESERVED
CVE-2023-22622 (WordPress through 6.1.1 depends on unpredictable client visits
to caus ...)
- TODO: check
+ - wordpress <not-affected> (Not an issue for packaged WordPress)
CVE-2023-22621
RESERVED
CVE-2023-22620
@@ -27739,11 +27739,20 @@ CVE-2022-43509 (Out-of-bounds write vulnerability
exists in CX-Programmer v.9.77
CVE-2022-43508 (Use-after free vulnerability exists in CX-Programmer v.9.77
and earlie ...)
NOT-FOR-US: CX-Programmer
CVE-2022-43504 (Improper authentication vulnerability in WordPress versions
prior to 6 ...)
- TODO: check
+ - wordpress 6.0.3+dfsg1-1 (bug #1022575)
+ [bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
+ [buster] - wordpress <postponed> (wait for CVE assignment)
+ NOTE:
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
CVE-2022-43500 (Cross-site scripting vulnerability in WordPress versions prior
to 6.0. ...)
- TODO: check
+ - wordpress 6.0.3+dfsg1-1 (bug #1022575)
+ [bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
+ [buster] - wordpress <postponed> (wait for CVE assignment)
+ NOTE:
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
CVE-2022-43497 (Cross-site scripting vulnerability in WordPress versions prior
to 6.0. ...)
- TODO: check
+ - wordpress 6.0.3+dfsg1-1 (bug #1022575)
+ [bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
+ [buster] - wordpress <postponed> (wait for CVE assignment)
+ NOTE:
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
CVE-2022-43487 (Cross-site scripting vulnerability in Salon booking system
versions pr ...)
NOT-FOR-US: Salon booking system
CVE-2022-43484 (TERASOLUNA Global Framework 1.0.0 (Public review version) and
TERASOLU ...)
@@ -39923,6 +39932,7 @@ CVE-2022-XXXX [wordpress 6.0.3]
[bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
[buster] - wordpress <postponed> (wait for CVE assignment)
NOTE:
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
+ NOTE: Some issues covered by CVE-2022-43497, CVE-2022-43500 and
CVE-2022-43504
CVE-2022-XXXX [wordpress 6.0.2]
- wordpress 6.0.2+dfsg1-1 (bug #1018863)
[bullseye] - wordpress 5.7.8+dfsg1-0+deb11u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddd7909526d9da68251fc5e7287b5d6cb7d25cf9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddd7909526d9da68251fc5e7287b5d6cb7d25cf9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
