From 0baf163f696419d07516a8346e6d0a62c18fc908 Mon Sep 17 00:00:00 2001 From: Thorsten Alteholz Date: Thu, 25 Nov 2021 23:34:21 +0100 Subject: mark CVE-2021-44223 as no-dsa for Stretch --- data/CVE/2021.list | 1 + 1 file changed, 1 insertion(+) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 1257dda9e3..d3de566b44 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -4,6 +4,7 @@ CVE-2021-44223 (WordPress before 5.8 lacks support for the Update URI plugin hea - wordpress 5.8.1+dfsg1-1 [bullseye] - wordpress (Minor issue; workarounds/mitigation for older versions can be implemented) [buster] - wordpress (Minor issue; workarounds/mitigation for older versions can be implemented) + [stretch] - wordpress (Minor issue; workarounds/mitigation for older versions can be implemented) NOTE: WordPress 5.8 introduces a new "Update URI" plugin header. Further mitigation NOTE: options documented in: NOTE: https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/ -- cgit v1.2.3