[SECURITY] [DLA 2956-1] wordpress security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2956-1] wordpress security update
From: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date: Mon, 21 Mar 2022 00:00:20 +0530
Message-id: <[🔎] CAPP0f97c7igZyE6sZb6K58ghMoZhrPNQmG6xrrTSorV4bS95cg@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2956-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
March 20, 2022                              https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : wordpress
Version        : 4.7.23+dfsg-0+deb9u1
Debian Bug     : 1007145

Several vulnerabilities like Prototype Pollution Vulnerability in a
jQuery dependency and in the block editor, and Stored Cross Site
Scripting Vulnerability were discovered in Wordpress, a web blogging
tool.

For Debian 9 stretch, this problem has been fixed in version
4.7.23+dfsg-0+deb9u1.

We recommend that you upgrade your wordpress packages.

For the detailed security status of wordpress please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wordpress

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmI3co0ACgkQgj6WdgbD
S5aMuA/7BuJjCKz2jVZ0I6FDgJvO7n5zjqGKdI6jL1TZXIRhRFo5Y+SwD2RM6zu9
6U+4cYcWqlxii7sR1HoZVrxaXYqG79emZQyWFQfUqPWChvsjt5JpahBJlk6pfv7T
tICUa1Hejgpmo2Mqd9Uih44LDEL1ZoT5JCtD+B73fPRvllKjGU9dwiFJ+DILdiZq
VVOx/kZ/uisWvHX+xQ+g4/T3kkPHizQ6ViX4057bMO/LlHHWn0kxXn7+wFJiqc4/
XRD9Td5o/n6Li8B0YwrJ08qlH+BuEwxlK86wCBYxRh6Fe27tS56bmyMR5psSQWBv
s1fDLlWlxmVOI5C/CwVHAjYtUGoz69KEsy4QTzXLTUpAk3KZyPubdYuZ1ZZyf6eU
I/fkLmMLIA8OFpZmt+Ts5u0ygUxrv9VxHIbjT3dVakbbR6PPe9jN/IrQOYvs+vKq
cBbqCAXio0h15WTwY+6ZqnbO8LWak97RbceTjJcDnq6gvL1qNBd2aAD10/b5en+r
JSvw73WhTvxLhm/bTUCMdJDJHwyJM8FrAwoO3ZvGGrBI9nNS9parR7AlCLiCby9R
TIPtnXOe8oiIXIa8Ok1Zhmgf2SIAyTKPlcPll/pEITSJeU4Ij2gzZpI1oK8r4NFw
RNzepLwNPAx26Ky42IZo092O58vdXGB9YKRLFnqkv8fmVhmbJuY=
=+yL/
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2955-2] bind9 regression update
Next by Date: [SECURITY] [DLA 2957-1] libpano13 security update
Previous by thread: [SECURITY] [DLA 2955-2] bind9 regression update
Next by thread: [SECURITY] [DLA 2957-1] libpano13 security update
Index(es):
- Date
- Thread