[Secure-testing-commits] r49484 - data/CVE

Salvatore Bonaccorso Tue, 07 Mar 2017 03:47:03 -0800

Author: carnil
Date: 2017-03-07 11:46:12 +0000 (Tue, 07 Mar 2017)
New Revision: 49484


Modified:
   data/CVE/list
Log:
wordpress fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-07 11:26:00 UTC (rev 49483)
+++ data/CVE/list       2017-03-07 11:46:12 UTC (rev 49484)
@@ -1,28 +1,28 @@
 CVE-2017-XXXX [Cross-site scripting (XSS) via media file metadata]
-       - wordpress <unfixed> (bug #857026)
+       - wordpress 4.7.3+dfsg-1 (bug #857026)
        NOTE: 
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
        NOTE: 
https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
 CVE-2017-XXXX [Control characters can trick redirect URL validation]
-       - wordpress <unfixed> (bug #857026)
+       - wordpress 4.7.3+dfsg-1 (bug #857026)
        NOTE: 
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
        NOTE: 
https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
 CVE-2017-XXXX [Unintended files can be deleted by administrators using the 
plugin deletion functionality]
-       - wordpress <unfixed> (bug #857026)
+       - wordpress 4.7.3+dfsg-1 (bug #857026)
        [jessie] - wordpress <not-affected> (Only affects 4.7.x)
        [wheezy] - wordpress <not-affected> (Only affects 4.7.x)
        NOTE: 
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
        NOTE: 
https://github.com/WordPress/WordPress/commit/4d80f8b3e1b00a3edcee0774dc9c2f4c78f9e663
 CVE-2017-XXXX [Cross-site scripting (XSS) via video URL in YouTube embeds]
-       - wordpress <unfixed> (bug #857026)
+       - wordpress 4.7.3+dfsg-1 (bug #857026)
        NOTE: 
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
        NOTE: 
https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
 CVE-2017-XXXX [Cross-site scripting (XSS) via taxonomy term names]
-       - wordpress <unfixed> (bug #857026)
+       - wordpress 4.7.3+dfsg-1 (bug #857026)
        [jessie] - wordpress <not-affected> (Only affects 4.7.x)
        [wheezy] - wordpress <not-affected> (Only affects 4.7.x)
        NOTE: 
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 CVE-2017-XXXX [Cross-site request forgery (CSRF) in Press This leading to 
excessive use of server resources]
-       - wordpress <unfixed> (bug #857026)
+       - wordpress 4.7.3+dfsg-1 (bug #857026)
        [jessie] - wordpress <not-affected> (Only affects 4.2 and later)
        [wheezy] - wordpress <not-affected> (Only affects 4.2 and later)
        NOTE: 
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r49484 - data/CVE

Reply via email to