Author: jmm Date: 2017-01-14 21:28:01 +0000 (Sat, 14 Jan 2017) New Revision: 48065
Modified: data/CVE/list Log: wordpress CVEfied Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-14 21:10:12 UTC (rev 48064) +++ data/CVE/list 2017-01-14 21:28:01 UTC (rev 48065) @@ -1,33 +1,33 @@ -CVE-2017-XXXX [WordPress 4.7 - User Information Disclosure via REST API] +CVE-2017-5487 [WordPress 4.7 - User Information Disclosure via REST API] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8715 NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60 -CVE-2017-XXXX [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php] +CVE-2017-5488 [WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8716 NOTE: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php -CVE-2017-XXXX [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload] +CVE-2017-5489 [WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8717 -CVE-2017-XXXX [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback] +CVE-2017-5490 [WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8718 NOTE: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359 -CVE-2017-XXXX [WordPress <= 4.7 - Post via Email Checks mail.example.com by Default] +CVE-2017-5491 [WordPress <= 4.7 - Post via Email Checks mail.example.com by Default] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8719 NOTE: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a -CVE-2017-XXXX [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)] +CVE-2017-5492 [WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8720 NOTE: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733 -CVE-2017-XXXX [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)] +CVE-2017-5493 [WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)] - wordpress 4.7.1+dfsg-1 (bug #851310) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8721 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits