Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in wordpress
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in wordpress
ID: FEDORA-2015-12750
Distribution: Fedora
Plattformen: Fedora 23
Datum: Mo, 10. August 2015, 12:43
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5734
Applikationen: wordpress

Originalnachricht

Name        : wordpress
Product : Fedora 23
Version : 4.2.4
Release : 1.fc23
URL : http://www.wordpress.org
Summary : Blog tool and publishing platform
Description :
Wordpress is an online publishing / weblog package that makes it very easy,
almost trivial, to get information out to people on the web.

Important information in /usr/share/doc/wordpress/README.fedora

-------------------------------------------------------------------------------
-
Update Information:

**WordPress 4.2.4 Security and Maintenance Release**

WordPress 4.2.4 is now available. This is a security release for all previous
versions and we strongly encourage you to update your sites immediately.

This release addresses six issues, including three cross-site scripting
vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset.

Our thanks to those who have practiced responsible disclosure of security
issues.

WordPress 4.2.4 also fixes four bugs. For more information, see:
the release notes or consult the list of changes.
* the release notes: https://codex.wordpress.org/Version_4.2.4
* the list of changes: https://core.trac.wordpress.org/log/branches/4.2?rev=33573&stop_rev=33396

-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1250583 - CVE-2015-2213 CVE-2015-5730 CVE-2015-5731 CVE-2015-5732
CVE-2015-5733 CVE-2015-5734 wordpress: cross-site scripting vulnerabilities and a potential SQL injection
https://bugzilla.redhat.com/show_bug.cgi?id=1250583
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update wordpress' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung