[Secure-testing-commits] r43553 - data/CVE

Markus Koschany Thu, 28 Jul 2016 04:54:04 -0700

Author: apo
Date: 2016-07-28 11:53:24 +0000 (Thu, 28 Jul 2016)
New Revision: 43553


Modified:
   data/CVE/list
Log:
Add some notes about CVE-2016-5836


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-07-28 11:30:38 UTC (rev 43552)
+++ data/CVE/list       2016-07-28 11:53:24 UTC (rev 43553)
@@ -2300,6 +2300,9 @@
        NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
 CVE-2016-5836 (The oEmbed protocol implementation in WordPress before 4.5.3 
allows ...)
        - wordpress 4.5.3+dfsg-1
+       NOTE: (Possible upstream ticket) 
https://core.trac.wordpress.org/ticket/36767
+       NOTE: Fixed by (Branch 4.4) 
https://core.trac.wordpress.org/changeset/37798
+       NOTE: Check if this makes sense. Seems to be the only change regarding 
oEmbed in 4.5.3
        NOTE: https://wordpress.org/news/2016/06/wordpress-4-5-3/
 CVE-2016-5835 (WordPress before 4.5.3 allows remote attackers to obtain 
sensitive ...)
        - wordpress 4.5.3+dfsg-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43553 - data/CVE

Reply via email to