Author: jmm
Date: 2017-01-14 21:28:01 +0000 (Sat, 14 Jan 2017)
New Revision: 48065
Modified:
data/CVE/list
Log:
wordpress CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-14 21:10:12 UTC (rev 48064)
+++ data/CVE/list 2017-01-14 21:28:01 UTC (rev 48065)
@@ -1,33 +1,33 @@
-CVE-2017-XXXX [WordPress 4.7 - User Information Disclosure via REST API]
+CVE-2017-5487 [WordPress 4.7 - User Information Disclosure via REST API]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8715
NOTE:
https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
-CVE-2017-XXXX [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in
update-core.php]
+CVE-2017-5488 [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in
update-core.php]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8716
NOTE:
https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
-CVE-2017-XXXX [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash
Upload]
+CVE-2017-5489 [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash
Upload]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8717
-CVE-2017-XXXX [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme
Name fallback]
+CVE-2017-5490 [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme
Name fallback]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8718
NOTE:
https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
-CVE-2017-XXXX [WordPress <= 4.7 - Post via Email Checks mail.example.com by
Default]
+CVE-2017-5491 [WordPress <= 4.7 - Post via Email Checks mail.example.com by
Default]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8719
NOTE:
https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
-CVE-2017-XXXX [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request
Forgery (CSRF)]
+CVE-2017-5492 [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request
Forgery (CSRF)]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8720
NOTE:
https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
-CVE-2017-XXXX [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number
Generator (PRNG)]
+CVE-2017-5493 [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number
Generator (PRNG)]
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
