Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
865579b3 by Salvatore Bonaccorso at 2025-03-13T20:55:35+01:00
auto-nfu: Add rule for Patchstack CNA CVEs for WordPress plugins and themes
The scope of the Patchstack CNA is too wide, but covers assignments for
WordPress plugins or themes. Add a more complex rule catching the CNA
but then match against the title of the CVE for WordPress.*Plugin or
WordPress.*Theme (case insensitive).
- - - - -
1 changed file:
- data/packages/nfu.yaml
Changes:
=====================================
data/packages/nfu.yaml
=====================================
@@ -96,6 +96,10 @@
- cna: Esri
- anyOf:
- product: ArcGIS Server
+- reason: WordPress plugin or theme
+ allOf:
+ - cna: Patchstack
+ - title: '.*\b(?i:WordPress)\s.*\s(?i:(Plugin|Theme))\b.*'
- reason: IBM
allOf:
- cna: ibm
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865579b3bfe11fef1d44e9b4298fe840eaeaf13f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865579b3bfe11fef1d44e9b4298fe840eaeaf13f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
