|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-532-1 (movabletype-opensource)



From:
    	      Chris Lamb <lamby@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 532-1] movabletype-opensource security update 


Date:
    	      Mon, 27 Jun 2016 20:54:17 +0100


Message-ID:
    	      <1467057257.2298995.650055873.59CB8FB3@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : movabletype-opensource
Version        : 5.1.4+dfsg-4+deb7u4
CVE ID         : CVE-2016-5742

It was discovered that there was a SQL injection vulnerability in
the XML-RPC interface in MovableType, a blogging engine.

For Debian 7 "Wheezy", this issue has been fixed in
movabletype-opensource version 5.1.4+dfsg-4+deb7u4.

We recommend that you upgrade your movabletype-opensource packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXcYRaAAoJEB6VPifUMR5Yg7IP/1vKKz6ajZtm64v0bzYK+Qkh
b47y4vIhQe4CkS5kDQtnLjR/tk3bAL87J/qoZMXCXurFSc/yXCdPZ3qgzIxdpU2g
Z3ZIgXi6UJXNaxNt2q+2lEoEZz2J1kDpC0w04ApSINkKHNRx7r8xTDHeZRoCb+3K
v60DDprGHdkX1Mz3sZsUVtHdKarYt5SwnKmLDzktKlgqIKIMDxaA0V27kuZ6CN+H
5e7k8gQ/hxHa140Z2qMbWZwvXYw2HL21RNud/fFmLvJyk0tvF13sfqu/Aa2n/Inq
XI1xhDnzWZdIwJ1MTXoYZf6OnsPRHI3x2AdT9FUdBDhuJctEZxp8UIoc/S+CM1Es
Od495FVtDAhOyOLwDRR8PFT9ZEujI1KLMs/Cyyk/+hLfwItT8vL0r1fXJZV0kFAr
y10ShoW02n+/j0P+FMZtzTu4Pm96U4gVKNA0LktS/owyaiuwcUqdUruRh23ZyyKh
/c/t8jHOrWlNoQmq6tqUxCD09sVAFfQ9hh9Ro9CZcTnHh+a1OkK32YzPrg3K2cBj
8OlASH+rksRU+cXP603vTFuHwVJ56F8SwJKACXUaH4eGwI8AQZZm7oThggNZiYPk
H8FnvcuIl6cUqTHrNyVI4kl5k/osMQcSVqMsHrLvMNT8c4ay8tupfSWdB7TQFOCO
kQZXZL3VhHEQZNK5sXBI
=YlIl
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds