Author: sectracker
Date: 2017-02-01 09:10:12 +0000 (Wed, 01 Feb 2017)
New Revision: 48646
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-01 08:40:06 UTC (rev 48645)
+++ data/CVE/list 2017-02-01 09:10:12 UTC (rev 48646)
@@ -226,14 +226,17 @@
CVE-2017-5598 (An issue was discovered in eClinicalWorks healow@work 8.0 build
8. This ...)
NOT-FOR-US: eClinicalWorks
CVE-2017-5612 (Cross-site scripting (XSS) vulnerability in ...)
+ {DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE:
https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
CVE-2017-5611 (SQL injection vulnerability in wp-includes/class-wp-query.php
in ...)
+ {DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE:
https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
CVE-2017-5610 (wp-admin/includes/class-wp-press-this.php in Press This in
WordPress ...)
+ {DLA-813-1}
- wordpress 4.7.2+dfsg-1 (bug #852767)
NOTE:
https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2
@@ -1231,30 +1234,36 @@
NOTE: https://wpvulndb.com/vulnerabilities/8715
NOTE:
https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
CVE-2017-5488 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ {DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8716
NOTE:
https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
CVE-2017-5489 (Cross-site request forgery (CSRF) vulnerability in WordPress
before ...)
+ {DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8717
CVE-2017-5490 (Cross-site scripting (XSS) vulnerability in the theme-name
fallback ...)
+ {DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8718
NOTE:
https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
CVE-2017-5491 (wp-mail.php in WordPress before 4.7.1 might allow remote
attackers to ...)
+ {DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8719
NOTE:
https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
CVE-2017-5492 (Cross-site request forgery (CSRF) vulnerability in the
widget-editing ...)
+ {DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8720
NOTE:
https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
CVE-2017-5493 (wp-includes/ms-functions.php in the Multisite WordPress API in
...)
+ {DLA-813-1}
- wordpress 4.7.1+dfsg-1 (bug #851310)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1
NOTE: https://wpvulndb.com/vulnerabilities/8721
@@ -7635,7 +7644,7 @@
- libav <removed>
NOTE:
https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer
NOTE:
https://github.com/asarubbo/poc/blob/master/00037-libav-signedintoverflow-mpegvideo_parser
- NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
+ NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981
NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33
(pre 11.9)
NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0
(pre 11.9)
CVE-2016-9821
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
