From nobody Wed Apr 10 19:39:08 2024 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VFCnS5yQHz5FySv; Wed, 10 Apr 2024 19:39:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VFCnS5L6Mz4Qxc; Wed, 10 Apr 2024 19:39:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1712777948; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0xLrdBcxacHg53pj39C/VO2Ic6t2ZH0DUqbM+efHVr0=; b=o6tsDfzGZFZ5D/CYTbbqxEg65cBh1DweOabkn+o3fB2RpSpPPO0vVdQLTqitKYFTe0Tw+c qd2RIraqUahI/GKfsbLE/dtHha3X1CI01YFtq/5RtxTPLOb/ZxHU1gXTJIDKdkvhZiF4YL n9NjI92tWDYoTJdrH/g1dk4gxlbSeFCGj4rfYxbstCMQv7xwlvxx5WNXZ2HgBQxJawfUte /3Op9sK/166QnxTWC/rvy3Wh1eqadBbesnunuvAh6jZKofNmCXy2+2hyxv1fdhX7pH9ioP jeRlzKcICZI12lt0NxRpuBwx3cidbVv4mhiwl7ZaXbaE4a4d4JbFhH7VoMF3cg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1712777948; a=rsa-sha256; cv=none; b=n5kXpdFmSadGdb9/nosjQsa5zJ6Gd31flT0r14WiOnE39CHl7d9Ju2xbt3O//u5J2ABuUp mC7DoX02/LJ+OXOha1mqYp4SrophjLp1btYMS63x7Y1sneYNLUegBuPXjWCPbjLT+rgfeI g+U57oHXkbtdHZjeumxeALyHyZJ+Zl/SV5cFV9FJgpOI+Jr0BfoQO35iVukF0djjS4oxYP Sjxsgzww0zwwGxBEsRg84G7MEXCWxfdwNu/rX7C/HC3PJFfaX/H7neN7V3/bzBK73Tf9RB WM3DVeK9bLFNC+sfTDhcQMvG5Dg5YTOGtOdV1FQzFhcbdi7Ukpew3QbHMJddfQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1712777948; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0xLrdBcxacHg53pj39C/VO2Ic6t2ZH0DUqbM+efHVr0=; b=T2AmXwXBrnwLmn+gbgQNc4oEacI5tPOphLanVsc9X9OEvZSK5DlNvbWl6dZP9YBX/67MRw O47of+AVLCcjuEN0IAs7VyYth1zKY4NWovVIXddr9JdH/4GEH0oguwX69JSKpFB0LgnAth 45lGp+UVUj8H81QaHPthtN3NVIUFVabF09U3WC+iRnX+BtHyCEwQZtZAZMK4ZZd+O6yfH8 pOX+34T0cm0Ja9lNI6zrQJ6JBIPMVbnlXrcNHIV4b7bpsjWIU1kHb2L8zZaLw4fAke7EBM K0rs//ugPplwybhHYCd2aUeBt5EPf0zDE5NpH+cYmYSe/0Nswx86vM9v8RckpQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VFCnS4pgPzr5q; Wed, 10 Apr 2024 19:39:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 43AJd8qs034318; Wed, 10 Apr 2024 19:39:08 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 43AJd8YK034315; Wed, 10 Apr 2024 19:39:08 GMT (envelope-from git) Date: Wed, 10 Apr 2024 19:39:08 GMT Message-Id: <202404101939.43AJd8YK034315@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Florian Smeets Subject: git: 76efbdd6eeb3 - main - security/vuxml: Add wordpress vulnerability List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: dev-commits-ports-main+owner@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: flo X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 76efbdd6eeb3a2f91cfe2111400ccc998f8d3311 Auto-Submitted: auto-generated The branch main has been updated by flo: URL: https://cgit.FreeBSD.org/ports/commit/?id=76efbdd6eeb3a2f91cfe2111400ccc998f8d3311 commit 76efbdd6eeb3a2f91cfe2111400ccc998f8d3311 Author: Florian Smeets AuthorDate: 2024-04-10 18:19:38 +0000 Commit: Florian Smeets CommitDate: 2024-04-10 19:38:12 +0000 security/vuxml: Add wordpress vulnerability --- security/vuxml/vuln/2024.xml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index cb4868cdd040..1984d1bbe8b3 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,3 +1,39 @@ + + wordpress -- XSS + + + wordpress + fr-wordpress-fr_FR + 6.5.0,16.5.1,1 + 6.4.4,1 + + + ru-wordpress-ru_RU + ja-wordpress-ja + zh-wordpress-zh_CN + zh-wordpress-zh_TW + de-wordpress-de_DE + 6.5.06.5.1 + 6.4.4 + + + + +

The Wordpress team reports:

+
+

A cross-site scripting (XSS) vulnerability affecting the Avatar block type

+
+ + + + https://wordpress.org/documentation/wordpress-version/version-6-4-4/ + + + 2024-04-09 + 2024-04-10 + + + Apache httpd -- multiple vulnerabilities