Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 12 Sep 2012 13:38:14 +0300
From: Hanno Boeck <>
Subject: CVEs for wordpress 3.4.2 release

I can't find CVEs assigend for the issues fixed in wordpress 3.4.2.

Sadly, the information is quite limited:
"Version 3.4.2 also fixes a few security issues and contains some
security hardening. The vulnerabilities included potential privilege
escalation and a bug that affects multisite installs with untrusted
users. These issues were discovered and fixed by the WordPress security

I suggest assigning two:
1. potential privilege escalation
2. problem with untrusted users on multisite installations
unless someone has more information.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.