Debian
wordpress package

wordpress 3.6.1+dfsg-1~deb6u1 source package in Debian

Changelog

wordpress (3.6.1+dfsg-1~deb6u1) squeeze-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Import Wordpress 3.6.1 from Jessie to fix all the security issues present
    in Squeeze:                                                 closes: #722537
    - CVE-2013-4338: unsafe PHP unserialization can causes arbitrary code
    execution.
    - CVE-2013-4339: unproper input validation in URL parsing can lead to
    arbitrary redirection.
    - CVE-2013-4340: privilege escalation allowing an user with an author role
    to create an entry appearing as written by another user.
    - CVE-2013-5738: authenticated users can conduct cross-site scripting
    attacks (XSS) using crafted html file uploads.
    - CVE-2013-5739: default Wordpress configuration doesn't prevent upload
    for .swf and .exe files, making it easier for authenticated users to
    conduct XSS attacks.

 -- Yves-Alexis Perez <email address hidden>  Sat, 14 Sep 2013 10:30:29 +0200

Upload details

Uploaded by:
Giuseppe Iuculano
Uploaded to:
Squeeze
Original maintainer:
Giuseppe Iuculano
Architectures:
all
Section:
web
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
wordpress_3.6.1+dfsg-1~deb6u1.dsc 1.7 KiB 4da43dff7a3390e81b1f8fdab6a352d05ce76cd57ff9505ab7d069d099fe217b
wordpress_3.6.1+dfsg.orig.tar.xz 3.1 MiB 20714525a688eadd649e2e497b4cd300870445867e1f8b3305b49da5ca55b50d
wordpress_3.6.1+dfsg-1~deb6u1.debian.tar.gz 10.5 MiB 901c76616e68290d6a7d6b6f163549a13818d7705a3f81a5895165d163bf4a36

No changes file available.

Binary packages built by this source