[SECURITY] [DLA 2731-1] wordpress security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2731-1] wordpress security update
From: Utkarsh Gupta <utkarsh@debian.org>
Date: Wed, 4 Aug 2021 18:12:49 +0530
Message-id: <[🔎] CAPP0f95RRR=D=46VAs4Bh+zBPN1mUKmLn_zc0_yJ2riVoHsSWQ@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2731-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
August 04, 2021                             https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : wordpress
Version        : 4.7.21+dfsg-0+deb9u1
CVE ID         : not assigned yet

One security issue affects WordPress, a weblog manager, versions
between 3.7 and 5.7. This update fixes the following security issues:
Object injection in PHPMailer (CVE-2020-36326 and CVE-2018-19296).

For Debian 9 stretch, this problem has been fixed in version
4.7.21+dfsg-0+deb9u1.

We recommend that you upgrade your wordpress packages.

For the detailed security status of wordpress please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wordpress

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmEKixkACgkQgj6WdgbD
S5bbOBAAuI+uitfx8/GuTHziWoAVucSgQyyyt0XEOhQ53bsUhxO8RqHeSUaMTvM8
5oq1QqA0sxu3KHuVCZNq/bT320T4TdIwlrh3R9PFYDKtf+dctzFzytnDJ1opohb2
KeIvaDQio7AYx333jGA+CHbzG7poCSK/aqLIxXEflbD2Jg6lGVioIvnZPiUrUmZ/
JcO5ytIwlVUh4/k9Jt9mqVibpAfbxkKk2822Do7LEIDWj8HD0u6DXYqT2ZEsW5V2
Ck6Hg+/qWj+03d0nFJhAg2iSYu54eyZPqlhozP/79yCkalp5Mskkk43X4LPylEUh
lomGLZ6lqZWZooK7SQCQZ0gxJb7RjHwOAA1oXyQ1JbWlDCbctbhBjCr5hm/6+50A
ajmEjIzleQMN2utToz61kk0zE2zunaknc38QLOJU2HOgdQwruz1nCiUMeBQyyH4E
FA0gZ3roz3ojCkrGZQo71jgXhAtvAXJX50t0YSlmmqaEIBDL8daE/XyhXxe2Yzuu
W0cZzVjrERJBurcXllGgRyC7n7UKE9I4ALUtnrmcSVIiPQZus8pN9SKrNt++9vnI
WUlGMyk9yCb5DpynLIawj8rxm99vDrjiujireaszcjQKSMF8ln7001Kk/Z+Fh4P+
YFyltO6EWfUM4jntyyvo7gmViZVFYVld12vAdyrQ/BZqyx4Cl/s=
=qBFH
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2730-1] libpam-tacplus security update
Next by Date: [SECURITY] [DLA 2732-1] openexr security update
Previous by thread: [SECURITY] [DLA 2730-1] libpam-tacplus security update
Next by thread: [SECURITY] [DLA 2732-1] openexr security update
Index(es):
- Date
- Thread