Your message dated Wed, 5 Mar 2008 09:40:31 +0000
with message-id <[EMAIL PROTECTED]>
and subject line CVE-2007-6318 is resolved
has caused the Debian Bug report #456277,
regarding CVE-2007-6318: SQL injection vulnerability in wp-includes/query.php
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
456277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456277
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: wordpress
Severity: important
Tags: security
Hi
The following CVE[0] has been issued against wordpress.
CVE-2007-6318:
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1
and earlier allows remote attackers to execute arbitrary SQL commands
via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or
possibly other character set encodings that support a "\" in a multibyte
character.
Please mention the CVE id in your changelog, if you fix this.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6318
--- End Message ---
--- Begin Message ---
Track security bugs here:
http://security-tracker.debian.net/tracker/source-package/wordpress
--- End Message ---
