Debian alert DSA-3681-1 (wordpress)
| From: | Yves-Alexis Perez <corsac@debian.org> | |
| To: | debian-security-announce@lists.debian.org | |
| Subject: | [SECURITY] [DSA 3681-1] wordpress security update | |
| Date: | Thu, 29 Sep 2016 22:07:25 +0200 | |
| Message-ID: | <20160929200723.mzbc2lqxp2lfe5is@corsac.net> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3681-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez September 29, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wordpress CVE ID : CVE-2016-4029 CVE-2016-6634 CVE-2016-6635 CVE-2016-7168 CVE-2016-7169 Debian Bug : 837090 Several vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, cross-site request forgery, path traversal, or bypass restrictions. For the stable distribution (jessie), these problems have been fixed in version 4.1+dfsg-1+deb8u10. We recommend that you upgrade your wordpress packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJX7XR4AAoJEG3bU/KmdcClUUYH/A0UmlQsOhXnHoEvCBtKwAET CrW5pOldjpjsEuGJgMCgqZlZzvlqf/OWjcK2Tz1tq2G3VfzKxKMPBJGljw5Z3+2y nQ/LappcQKSp8vxun/9cFUfsdUIJY+06dorXd30JvRGmziC1EY1TqqOAn723oq7Z vz9fmhZkt8GRAQfSV04GmRIZlZyTR3mhP/U/Xlj3lrGaC7fFoqu9pFtNdP7lUGTa ckSnqD2gZ+Tdywy1dnUgN8ff6koUFxs5UZ9WkpoGh5aI+TwYSm0n8XZVaFD07kEK xnqOVc8TG89l3+rSwcsM9nwhvc75Oh5Q8sTtuVToyFKl9FwRxjJo185zsk6vFKU= =zrWl -----END PGP SIGNATURE-----