[SECURITY] [DLA 532-1] movabletype-opensource security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 532-1] movabletype-opensource security update
From: Chris Lamb <lamby@debian.org>
Date: Mon, 27 Jun 2016 20:54:17 +0100
Message-id: <[🔎] 1467057257.2298995.650055873.59CB8FB3@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : movabletype-opensource
Version        : 5.1.4+dfsg-4+deb7u4
CVE ID         : CVE-2016-5742

It was discovered that there was a SQL injection vulnerability in
the XML-RPC interface in MovableType, a blogging engine.

For Debian 7 "Wheezy", this issue has been fixed in
movabletype-opensource version 5.1.4+dfsg-4+deb7u4.

We recommend that you upgrade your movabletype-opensource packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXcYRaAAoJEB6VPifUMR5Yg7IP/1vKKz6ajZtm64v0bzYK+Qkh
b47y4vIhQe4CkS5kDQtnLjR/tk3bAL87J/qoZMXCXurFSc/yXCdPZ3qgzIxdpU2g
Z3ZIgXi6UJXNaxNt2q+2lEoEZz2J1kDpC0w04ApSINkKHNRx7r8xTDHeZRoCb+3K
v60DDprGHdkX1Mz3sZsUVtHdKarYt5SwnKmLDzktKlgqIKIMDxaA0V27kuZ6CN+H
5e7k8gQ/hxHa140Z2qMbWZwvXYw2HL21RNud/fFmLvJyk0tvF13sfqu/Aa2n/Inq
XI1xhDnzWZdIwJ1MTXoYZf6OnsPRHI3x2AdT9FUdBDhuJctEZxp8UIoc/S+CM1Es
Od495FVtDAhOyOLwDRR8PFT9ZEujI1KLMs/Cyyk/+hLfwItT8vL0r1fXJZV0kFAr
y10ShoW02n+/j0P+FMZtzTu4Pm96U4gVKNA0LktS/owyaiuwcUqdUruRh23ZyyKh
/c/t8jHOrWlNoQmq6tqUxCD09sVAFfQ9hh9Ro9CZcTnHh+a1OkK32YzPrg3K2cBj
8OlASH+rksRU+cXP603vTFuHwVJ56F8SwJKACXUaH4eGwI8AQZZm7oThggNZiYPk
H8FnvcuIl6cUqTHrNyVI4kl5k/osMQcSVqMsHrLvMNT8c4ay8tupfSWdB7TQFOCO
kQZXZL3VhHEQZNK5sXBI
=YlIl
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 530-1] java-common security update
Next by Date: [SECURITY] [DLA 531-1] spice security update
Previous by thread: [SECURITY] [DLA 530-1] java-common security update
Next by thread: [SECURITY] [DLA 531-1] spice security update
Index(es):
- Date
- Thread