Security Information / 2014 / Security Information -- DSA-3001-1 wordpress

Debian Security Advisory

DSA-3001-1 wordpress -- security update

Date Reported:

09 Aug 2014

Affected Packages:

wordpress

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2014-2053, CVE-2014-5204, CVE-2014-5205, CVE-2014-5240, CVE-2014-5265, CVE-2014-5266.

More information:

Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/.

For the stable distribution (wheezy), these problems have been fixed in version 3.6.1+dfsg-1~deb7u4.

For the unstable distribution (sid), these problems have been fixed in version 3.9.2+dfsg-1.

We recommend that you upgrade your wordpress packages.