svn commit: r433182 - head/security/vuxml
Ben Woods
woodsb02 at FreeBSD.org
Thu Feb 2 22:48:52 UTC 2017
Author: woodsb02
Date: Thu Feb 2 22:48:50 2017
New Revision: 433182
URL: https://svnweb.freebsd.org/changeset/ports/433182
Log:
Add additional vulnerability for wordpress 4.7.1 that was initially kept
quiet by the wordpress team [1].
[1] https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
Security: https://vuxml.FreeBSD.org/freebsd/54e50cd9-c1a8-11e6-ae1b-002590263bf5.html
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Feb 2 22:25:18 2017 (r433181)
+++ head/security/vuxml/vuln.xml Thu Feb 2 22:48:50 2017 (r433182)
@@ -204,6 +204,8 @@ Notes:
themes from accidentally causing a vulnerability.</li>
<li>A cross-site scripting (XSS) vulnerability was discovered in the
posts list table.</li>
+ <li>An unauthenticated privilege escalation vulnerability was
+ discovered in a REST API endpoint.</li>
</ul>
</blockquote>
</body>
@@ -214,6 +216,7 @@ Notes:
<cvename>CVE-2017-5612</cvename>
<url>http://www.openwall.com/lists/oss-security/2017/01/28/5</url>
<url>https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/</url>
+ <url>https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/</url>
</references>
<dates>
<discovery>2017-01-26</discovery>
More information about the svn-ports-all
mailing list