Debian alert DLA-1960-1 (wordpress)
| From: | Markus Koschany <apo@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 1960-1] wordpress security update | |
| Date: | Thu, 17 Oct 2019 22:21:46 +0200 | |
| Message-ID: | <9f0a02a2-a531-b61b-366d-8b08263c22a0@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : wordpress Version : 4.1.27+dfsg-0+deb8u1 CVE ID : CVE-2019-16217 CVE-2019-16218 CVE-2019-16219 CVE-2019-16220 CVE-2019-16221 CVE-2019-16222 CVE-2019-16223 Debian Bug : 939543 Several cross-site scripting (XSS) vulnerabilities were discovered in Wordpress, a popular content management framework. An attacker can use these flaws to send malicious scripts to an unsuspecting user. For Debian 8 "Jessie", these problems have been fixed in version 4.1.27+dfsg-0+deb8u1. We recommend that you upgrade your wordpress packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl2ozVpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQJaRAAsG5l/QQmH0h9s7YrzngFdVQ5NT5nC99fN/eQd39jX49qoxx7nBTvsx4Y 7HGjdYFZOBkPy46EHAGT65e8ZncPMHDWBFwTWn4mOYrc74TTlCP3A4/HwQl4SLPA uXyeItAyetDLvP1zKdqLml2n8eOfEbivRiozznoKkxDNu1lhc2ZU4SR1ge5oxItD 0wgUr/YxXGrpgmC46pK8KJXF5wzejoCwwwL91d3zGyqEB953+C5biHnmR9XbYasj eMCSw2D27Zggpeqhki61TlKWK4Snsum8ZRl+WyN34eDtsCvfIpcTyGNUTZkaajrX y2sIohWuCgiRuEuefc0v7gydkfYMuc71WrJLBG7G56B/oNJJynjrN5E+zsGte8xw ShVez6rKYy1zUhxtA3aq3q+c22ZtMpidlYCLIm5gfIKss3c65qFU5My6QBdvOnBE +xbSZb2zCEnbO13Se25dcWgkVzLNv/rUQ515Pijm4+Tv3hnFHFMf1X4wLvxKzoPJ Q9b5wh5sG0nYgTBn4xw4jI27fP8qA88jkBK3uTRQ31ePnrD8IlSwPhsKSYRSxvar dbh9SdDFxJv4lePbUVEf3s4n+u/RMLAauWQyfFiBJzVmrjfLROP2rcH6sFp2qP6J ghEV/ZQzwYsu2dbseGRFxXyu2nCaKYRro33AWrHi3hBDB893FnE= =PPNY -----END PGP SIGNATURE-----