1
Candidate: CVE-2016-2221
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221
5
https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
6
https://core.trac.wordpress.org/changeset/36444
7
http://www.openwall.com/lists/oss-security/2016/02/04/4
9
Open redirect vulnerability in the wp_validate_redirect function in
10
wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers
11
to redirect users to arbitrary web sites and conduct phishing attacks via a
12
malformed URL that triggers incorrect hostname parsing, as demonstrated by
13
an https:example.com URL.
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813697
23
upstream_wordpress: released (4.4.2+dfsg-1)
24
precise_wordpress: ignored (reached end-of-life)
25
precise/esm_wordpress: DNE (precise was needed)
26
trusty_wordpress: needed
27
vivid/stable-phone-overlay_wordpress: DNE
28
vivid/ubuntu-core_wordpress: DNE
29
wily_wordpress: ignored (reached end-of-life)
30
xenial_wordpress: needed
31
yakkety_wordpress: ignored (reached end-of-life)
32
zesty_wordpress: ignored (reached end-of-life)
33
artful_wordpress: needed
34
bionic_wordpress: needed
35
devel_wordpress: needed