Name : wordpress Product : Fedora 32 Version : 5.5.3 Release : 1.fc32 URL : http://www.wordpress.org Summary : Blog tool and publishing platform Description : Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web.
Important information in /usr/share/doc/wordpress/README.fedora
**WordPress 5.5.3 Maintenance Release** This maintenance release fixes an issue introduced in WordPress 5.5.2 which makes it impossible to install WordPress on a brand new website that does not have a database connection configured. ---- **WordPress 5.5.2 Security and Maintenance Release** **Security Updates** * Props to Alex Concha of the WordPress Security Team for their work in hardening deserialization requests. * Props to David Binovec on a fix to disable spam embeds from disabled sites on a multisite network. * Thanks to Marc Montas from Sucuri for reporting an issue that could lead to XSS from global variables. * Thanks to Justin Tran who reported an issue surrounding privilege escalation in XML-RPC. He also found and disclosed an issue around privilege escalation around post commenting via XML-RPC. * Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE. * Thanks to Karim El Ouerghemmi from RIPS who disclosed a method to store XSS in post slugs. * Thanks to Slavco for reporting, and confirmation from Karim El Ouerghemmi, a method to bypass protected meta that could lead to arbitrary file deletion. * Thanks to Erwan LR from WPScan who responsibly disclosed a method that could lead to CSRF. * And a special thanks to @zieladam who was integral in many of the releases and patches during this release. ------------------------------------------------------------------------------- - ChangeLog:
* Sat Oct 31 2020 Remi Collet <remi@remirepo.net> - 5.5.3-1 - WordPress 5.5.3 Maintenance Release * Fri Oct 30 2020 Remi Collet <remi@remirepo.net> - 5.5.2-1 - WordPress 5.5.2 Security and Maintenance Release ------------------------------------------------------------------------------- - References:
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux
Funktion steht nur registrierten Nutzern zur Verfügung!
Neue Nachrichten
Funktion steht nur registrierten Nutzern zur Verfügung!