• [SECURITY] [DSA 5279-2] wordpress security update

    From Sebastien Delafond@21:1/5 to All on Thu Nov 17 08:10:01 2022
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5279-2 security@debian.org https://www.debian.org/security/ Sebastien Delafond November 17, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : wordpress
    Debian Bug : 1007005 1018863 1022575 1024249

    The wordpress package released in DSA-5279-1 had incorrect
    dependencies that could not be satisfied in Debian stable: this update
    corrects the problem. For reference, the original advisory text is
    provided here again:

    Several vulnerabilities were discovered in Wordpress, a web blogging
    tool. They allowed remote attackers to perform SQL injection, create
    open redirects, bypass authorization access, or perform Cross-Site
    Request Forgery (CSRF) or Cross-Site Scripting (XSS) attacks.

    For the stable distribution (bullseye), this problem has been fixed in
    version 5.7.8+dfsg1-0+deb11u2.

    We recommend that you upgrade your wordpress packages.

    For the detailed security status of wordpress please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/wordpress

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

    iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmN13KoACgkQEL6Jg/PV nWSnyggAvAS8Crzgp8xW8FvZ20pEz0uXm8oW+5sUR7U+c6vsUPXBa2yT+pLNyCGn Ss9ffvl+IVnfZEHK70PvK61thKS9yhtse0fy25HljMnsBBSzMtjZEwZOHGpERNRW Yf7Cm5ubIlKumKLodGh+Ecun01DRawfG/W4V+sBnDZWGdn9+B9K6q7vYLRDowshi sdJczvrRn2vr88V+LLzbgVDv3M1WcM+dbyEOOtxY29ELuHODgafZNIiMyjxpy3RI iZg5c2uS4RxojN61TxKpD2ewdSRrqAy51SspUSMZIV9l2hQkhMfOm/8x1MLAWVO0 v/PaS8NsyR1P454NCwhRRmNbJ5252w==
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)