Date: Wed, 12 Sep 2012 13:38:14 +0300 From: Hanno Boeck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: CVEs for wordpress 3.4.2 release I can't find CVEs assigend for the issues fixed in wordpress 3.4.2. http://wordpress.org/news/2012/09/wordpress-3-4-2/ Sadly, the information is quite limited: "Version 3.4.2 also fixes a few security issues and contains some security hardening. The vulnerabilities included potential privilege escalation and a bug that affects multisite installs with untrusted users. These issues were discovered and fixed by the WordPress security team." I suggest assigning two: 1. potential privilege escalation 2. problem with untrusted users on multisite installations unless someone has more information.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.