Antoine Beaupré pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
73ccae4c by Antoine Beaupré at 2018-02-16T16:33:14-05:00
add wordpress to dla-needed, add details in the issue
this seems like a severe enough to warrant a patch, even though
upstream isn't ready yet.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2190,6 +2190,8 @@ CVE-2018-6389 (In WordPress through 4.9.2,
unauthenticated attackers can cause a
NOTE:
https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
NOTE: https://thehackernews.com/2018/02/wordpress-dos-exploit.html
NOTE: https://wpvulndb.com/vulnerabilities/9021
+ NOTE: disputed by upstream as best fixed at the server level
+ NOTE: patch in progress in https://core.trac.wordpress.org/ticket/43308
CVE-2018-6388 (iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow
remote ...)
NOT-FOR-US: iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices
CVE-2018-6387 (iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a
hardcoded ...)
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -90,3 +90,5 @@ suricata (Santiago R.R.)
NOTE: upstream and ask for a clarification?
--
wavpack
+--
+wordpress
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73ccae4c91a7881dffcd7471dfc7c4b8c3be76bb
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/73ccae4c91a7881dffcd7471dfc7c4b8c3be76bb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
