[Bug 1022444] New: VUL-1: CVE-2017-5610: wordpress: unauthorized user's bypass
http://bugzilla.opensuse.org/show_bug.cgi?id=1022444 Bug ID: 1022444 Summary: VUL-1: CVE-2017-5610: wordpress: unauthorized user's bypass Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Ref: http://seclists.org/oss-sec/2017/q1/217 ============================================ The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive. https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de87... ============================================ Assigned: CVE-2017-5610 https://software.opensuse.org/package/wordpress 4.6.1 version for TW|42.(1|2) in server:php:applications repo. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1022444 Mikhail Kasimov <mikhail.kasimov@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Alias| |CVE-2017-5610 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1022444 http://bugzilla.opensuse.org/show_bug.cgi?id=1022444#c2 Andreas Stieger <astieger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chris@computersalat.de, | |ecsos@schirra.net, | |security-team@suse.de Component|Security |3rd party software Version|Leap 42.2 |unspecified Assignee|security-team@suse.de |ecsos@schirra.net Product|openSUSE Distribution |openSUSE.org QA Contact|qa-bugs@suse.de |opensuse-communityscreening | |@forge.provo.novell.com --- Comment #2 from Andreas Stieger <astieger@suse.com> --- the SUSE security team does not cover packages not currently in the distribution. Not treating as an incident, assign/cc community maintainers. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1022444 http://bugzilla.opensuse.org/show_bug.cgi?id=1022444#c3 Eric Schirra <ecsos@schirra.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #3 from Eric Schirra <ecsos@schirra.net> --- update packages in server:php:applications to version 7.7.2 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com