[Secure-testing-commits] r51725 - data/CVE

Salvatore Bonaccorso Thu, 18 May 2017 08:57:39 -0700

Author: carnil
Date: 2017-05-18 15:57:24 +0000 (Thu, 18 May 2017)
New Revision: 51725


Modified:
   data/CVE/list
Log:
Record CVEs for wordpress issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-18 15:45:55 UTC (rev 51724)
+++ data/CVE/list       2017-05-18 15:57:24 UTC (rev 51725)
@@ -101,24 +101,30 @@
        NOT-FOR-US: HooHoo Trip Mate
 CVE-2017-9025 (Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 
6 (TM6) ...)
        NOT-FOR-US: HooHoo Trip Mate
-CVE-2017-XXXX [A cross-site scripting (XSS) vulnerability was discovered 
related to the Customizer]
+CVE-2017-9066
        - wordpress 4.7.5+dfsg-1 (bug #862816)
        NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
-CVE-2017-XXXX [A cross-site scripting (XSS) vulnerability was discovered when 
attempting to upload very large files]
+       NOTE: 
https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
+CVE-2017-9065
        - wordpress 4.7.5+dfsg-1 (bug #862816)
        NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
-CVE-2017-XXXX [A Cross Site Request Forgery (CRSF) vulnerability was 
discovered in the filesystem credentials dialog]
+       NOTE: 
https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
+CVE-2017-9064
        - wordpress 4.7.5+dfsg-1 (bug #862816)
        NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
-CVE-2017-XXXX [Lack of capability checks for post meta data in the XML-RPC API]
+       NOTE: 
https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
+CVE-2017-9063
        - wordpress 4.7.5+dfsg-1 (bug #862816)
        NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
-CVE-2017-XXXX [Improper handling of post meta data values in the XML-RPC API]
+       NOTE: 
https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
+CVE-2017-9062
        - wordpress 4.7.5+dfsg-1 (bug #862816)
        NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
-CVE-2017-XXXX [Insufficient redirect validation in the HTTP class]
+       NOTE: 
https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
+CVE-2017-9061
        - wordpress 4.7.5+dfsg-1 (bug #862816)
        NOTE: https://wordpress.org/news/2017/05/wordpress-4-7-5/
+       NOTE: 
https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
 CVE-2017-9024
        RESERVED
 CVE-2017-9023


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r51725 - data/CVE

Reply via email to