[SECURITY] [DLA 1960-1] wordpress security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1960-1] wordpress security update
From: Markus Koschany <apo@debian.org>
Date: Thu, 17 Oct 2019 22:21:46 +0200
Message-id: <[🔎] 9f0a02a2-a531-b61b-366d-8b08263c22a0@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : wordpress
Version        : 4.1.27+dfsg-0+deb8u1
CVE ID         : CVE-2019-16217 CVE-2019-16218 CVE-2019-16219
                 CVE-2019-16220 CVE-2019-16221 CVE-2019-16222
                 CVE-2019-16223
Debian Bug     : 939543

Several cross-site scripting (XSS) vulnerabilities were discovered in
Wordpress, a popular content management framework. An attacker can use
these flaws to send malicious scripts to an unsuspecting user.

For Debian 8 "Jessie", these problems have been fixed in version
4.1.27+dfsg-0+deb8u1.

We recommend that you upgrade your wordpress packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl2ozVpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQJaRAAsG5l/QQmH0h9s7YrzngFdVQ5NT5nC99fN/eQd39jX49qoxx7nBTvsx4Y
7HGjdYFZOBkPy46EHAGT65e8ZncPMHDWBFwTWn4mOYrc74TTlCP3A4/HwQl4SLPA
uXyeItAyetDLvP1zKdqLml2n8eOfEbivRiozznoKkxDNu1lhc2ZU4SR1ge5oxItD
0wgUr/YxXGrpgmC46pK8KJXF5wzejoCwwwL91d3zGyqEB953+C5biHnmR9XbYasj
eMCSw2D27Zggpeqhki61TlKWK4Snsum8ZRl+WyN34eDtsCvfIpcTyGNUTZkaajrX
y2sIohWuCgiRuEuefc0v7gydkfYMuc71WrJLBG7G56B/oNJJynjrN5E+zsGte8xw
ShVez6rKYy1zUhxtA3aq3q+c22ZtMpidlYCLIm5gfIKss3c65qFU5My6QBdvOnBE
+xbSZb2zCEnbO13Se25dcWgkVzLNv/rUQ515Pijm4+Tv3hnFHFMf1X4wLvxKzoPJ
Q9b5wh5sG0nYgTBn4xw4jI27fP8qA88jkBK3uTRQ31ePnrD8IlSwPhsKSYRSxvar
dbh9SdDFxJv4lePbUVEf3s4n+u/RMLAauWQyfFiBJzVmrjfLROP2rcH6sFp2qP6J
ghEV/ZQzwYsu2dbseGRFxXyu2nCaKYRro33AWrHi3hBDB893FnE=
=PPNY
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1964-1] sudo security update
Next by Date: [SECURITY] [DLA 1963-1] poppler security update
Previous by thread: [SECURITY] [DLA 1964-1] sudo security update
Next by thread: [SECURITY] [DLA 1963-1] poppler security update
Index(es):
- Date
- Thread