[SECURITY] [DLA 813-1] wordpress security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : wordpress
Version : 3.6.1+dfsg-1~deb7u13
CVE ID : CVE-2017-5488 CVE-2017-5489 CVE-2017-5490
CVE-2017-5491 CVE-2017-5492 CVE-2017-5493
CVE-2017-5610 CVE-2017-5611 CVE-2017-5612
Debian Bug : 851310 852767
Several vulnerabilities were discovered in wordpress, a web blogging
tool. The Common Vulnerabilities and Exposures project identifies the
following issues.
CVE-2017-5488
Multiple cross-site scripting (XSS) vulnerabilities in
wp-admin/update-core.php in WordPress before 4.7.1 allow remote
attackers to inject arbitrary web script or HTML via the name or
version header of a plugin.
CVE-2017-5489
Cross-site request forgery (CSRF) vulnerability in WordPress before
4.7.1 allows remote attackers to hijack the authentication of
unspecified victims via vectors involving a Flash file upload.
CVE-2017-5490
Cross-site scripting (XSS) vulnerability in the theme-name fallback
functionality in wp-includes/class-wp-theme.php in WordPress before
4.7.1 allows remote attackers to inject arbitrary web script or HTML
via a crafted directory name of a theme, related to
wp-admin/includes/class-theme-installer-skin.php.
CVE-2017-5491
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to
bypass intended posting restrictions via a spoofed mail server with the
mail.example.com name.
CVE-2017-5492
Cross-site request forgery (CSRF) vulnerability in the widget-editing
accessibility-mode feature in WordPress before 4.7.1 allows remote
attackers to hijack the authentication of unspecified victims for
requests that perform a widgets-access action, related to
wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress
before 4.7.1 does not properly choose random numbers for keys, which
makes it easier for remote attackers to bypass intended access
restrictions via a crafted site signup or user signup.
CVE-2017-5610
wp-admin/includes/class-wp-press-this.php in Press This in WordPress
before 4.7.2 does not properly restrict visibility of a
taxonomy-assignment user interface, which allows remote attackers to
bypass intended access restrictions by reading terms.
CVE-2017-5611
SQL injection vulnerability in wp-includes/class-wp-query.php in
WP_Query in WordPress before 4.7.2 allows remote attackers to execute
arbitrary SQL commands by leveraging the presence of an affected
plugin or theme that mishandles a crafted post type name.
CVE-2017-5612
Cross-site scripting (XSS) vulnerability in
wp-admin/includes/class-wp-posts-list-table.php in the posts list
table in WordPress before 4.7.2 allows remote attackers to inject
arbitrary web script or HTML via a crafted excerpt.
For Debian 7 "Wheezy", these problems have been fixed in version
3.6.1+dfsg-1~deb7u13.
We recommend that you upgrade your wordpress packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAliRli9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSR7RAAl1OMQ9tgt4SfyDZmubWQ6wm+OmVRi17n2bf/R0dHj4iVdmf1xu1OGpUT
OfjlM1awyUWq7QmI0XqnOPICc5XJL01cMnfJ3xmfKALhb8eBKPjFY41DoN1Amyvj
7ooDqwkx65MOrw1Mrn6agvPrL/tCK2PdWITZX1gcn2fhY58WruIBg/kModvrifAz
WLMwwOVrWFFzg9+lmkL2WBLukD8T2IHyDvITQdMY8YJx6LW9u5xYQeW1ANrG2iJ4
0fTNXlFBXrdkWZviosnvHErQS1vgAKUVQJq4fLSth61aVV83g34LrPbcTIETo26l
a2d5bLk5rc0ZkZkpmu343x4ZDSeosAixAAIdPjG/4t9UX3MkXqLXqNxxkIiNL/YL
EzEZcHQDoRaNvwFht6s52L8kqfpKGKG3g3kO+atByzgEH9BJkN2N+T4j0MiEie66
Ig50x/WsKK+ZQwJEJi1w3dRilcU6oN5+daywfJqCwIsr4D+IyHLd0vOhQxWhn1d2
95siWdTtVK2VVa7rdy5Q50JQeC5wO4ZtIOPFUK1iZJdw9nc4sad5TaPNhlqsrWc7
6nlQemlkHI993W6xmtSpvTKKIU0z+K3iPBE+ykqj7hDRNJ+ben+iGFhWMZBOwY8H
vhx4/fWBLLbfh/8Gh5AsR3I6CNCnMi8wyw7wU0oZj6WFxIIFcfw=
=DRqu
-----END PGP SIGNATURE-----
Reply to: