oss-sec mailing list archives
CVEs for wordpress 3.4.2 release
From: Hanno Boeck <hanno () hboeck de>
Date: Wed, 12 Sep 2012 13:38:14 +0300
I can't find CVEs assigend for the issues fixed in wordpress 3.4.2. http://wordpress.org/news/2012/09/wordpress-3-4-2/ Sadly, the information is quite limited: "Version 3.4.2 also fixes a few security issues and contains some security hardening. The vulnerabilities included potential privilege escalation and a bug that affects multisite installs with untrusted users. These issues were discovered and fixed by the WordPress security team." I suggest assigning two: 1. potential privilege escalation 2. problem with untrusted users on multisite installations unless someone has more information.
Current thread:
- CVEs for wordpress 3.4.2 release Hanno Boeck (Sep 12)
- Re: CVEs for wordpress 3.4.2 release Kurt Seifried (Sep 12)
- Re: CVEs for wordpress 3.4.2 release Andrew Nacin (Sep 12)
- Re: CVEs for wordpress 3.4.2 release Kurt Seifried (Sep 13)
- Re: CVEs for wordpress 3.4.2 release Andrew Nacin (Sep 12)
- Re: CVEs for wordpress 3.4.2 release Yves-Alexis Perez (Sep 13)
- Re: CVEs for wordpress 3.4.2 release Kurt Seifried (Sep 13)
- Re: CVEs for wordpress 3.4.2 release Kurt Seifried (Sep 12)