Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=270f1e8ddaaf3fe42b2efa4d0a8b2601095f8066
commit 270f1e8ddaaf3fe42b2efa4d0a8b2601095f8066 Author: Miklos Vajna <vmik...@frugalware.org> Date: Mon Mar 1 20:29:32 2010 +0100 FSA629-wordpress diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index f0df371..ceea622 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -26,6 +26,18 @@ <fsas> <fsa> + <id>629</id> + <date>2010-03-01</date> + <author>Miklos Vajna</author> + <package>wordpress</package> + <vulnerable>2.8.4-1</vulnerable> + <unaffected>2.8.5-1getorin1</unaffected> + <bts>http://bugs.frugalware.org/task/4007</bts> + <cve>No CVE, see http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/.</cve> + <desc>A vulnerability has been reported in WordPress, which can be exploited by malicious people to cause a DoS (Denial of Service). + The vulnerability is caused due to the wp-trackback.php script letting users pass multiple source character encodings to the "mb_convert_encoding()" function, which can be used to cause a high CPU load, potentially resulting in a DoS.</desc> + </fsa> + <fsa> <id>628</id> <date>2010-03-01</date> <author>Miklos Vajna</author> _______________________________________________ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git