|
|
Subscribe / Log in / New account

Mageia alert MGASA-2013-0285 (wordpress)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2013-0285: Updated wordpress and php-phpmailer packages fix security vulnerabilities 


Date:
    	      Thu, 19 Sep 2013 11:45:09 +0200


Message-ID:
    	      <20130919094509.3F9845B0BF@valstar.mageia.org>



MGASA-2013-0285 - Updated wordpress and php-phpmailer packages fix security vulnerabilities

Publication date: 19 Sep 2013
URL: http://advisories.mageia.org/MGASA-2013-0285.html
Type: security
Affected Mageia releases: 2, 3
CVE: CVE-2013-4338,
     CVE-2013-4339,
     CVE-2013-4340,
     CVE-2013-5738,
     CVE-2013-5739

Description:
wp-includes/functions.php in WordPress before 3.6.1 does not properly
determine whether data has been serialized, which allows remote
attackers to execute arbitrary code by triggering erroneous PHP
unserialize operations (CVE-2013-4338).

WordPress before 3.6.1 does not properly validate URLs before use in
an HTTP redirect, which allows remote attackers to bypass intended
redirection restrictions via a crafted string (CVE-2013-4339).

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote
authenticated users to spoof the authorship of a post by leveraging
the Author role and providing a modified user_ID parameter
(CVE-2013-4340).

The get_allowed_mime_types function in wp-includes/functions.php in
WordPress before 3.6.1 does not require the unfiltered_html capability
for uploads of .htm and .html files, which might make it easier for
remote authenticated users to conduct cross-site scripting (XSS)
attacks via a crafted file (CVE-2013-5738).

The default configuration of WordPress before 3.6.1 does not prevent
uploads of .swf and .exe files, which might make it easier for remote
authenticated users to conduct cross-site scripting (XSS) attacks via
a crafted file, related to the get_allowed_mime_types function in
wp-includes/functions.php (CVE-2013-5739).

Additionally, php-phpmailer has been updated to a newer version required
by the updated wordpress.

References:
- https://bugs.mageia.org/show_bug.cgi?id=11218
- http://wordpress.org/news/2013/09/wordpress-3-6-1/
- http://www.debian.org/security/2013/dsa-2757
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4338
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4339
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4340
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5738
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5739

SRPMS:
- 3/core/wordpress-3.6.1-1.mga3
- 3/core/php-phpmailer-5.2.7-0.20130917.1.mga3
- 2/core/wordpress-3.6.1-1.mga2
- 2/core/php-phpmailer-5.2.7-0.20130917.1.mga2
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds