-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 8 May 2024 22:45:06 CEST
Source: wordpress
Architecture: source
Version: 6.1.6+dfsg1-0+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
54a861766ad074991510da3d6f1839c5ec2334b2 2587 wordpress_6.1.6+dfsg1-0+deb12u1.dsc
d329fbe06e23fcf9e7816f4888081e0aa79c21d9 22826125 wordpress_6.1.6+dfsg1.orig.tar.gz
e35ef3aa07f3770c5cb5a3f171c92656ac02b303 6879016 wordpress_6.1.6+dfsg1-0+deb12u1.debian.tar.xz
767ff605ebafea134e488e8ea66c440c5ae14da4 8227 wordpress_6.1.6+dfsg1-0+deb12u1_amd64.buildinfo
Checksums-Sha256:
95e123841e2787532f7bdd6d458073878eb206c28c07d9e995b667eeb9a3bf31 2587 wordpress_6.1.6+dfsg1-0+deb12u1.dsc
fc112fa431c1d948418d2a1a1f190f9206e8cee7c386a2e4e1e173916c8d0eb6 22826125 wordpress_6.1.6+dfsg1.orig.tar.gz
708348759b4df3cdc08718b7bb33f41252774a0a49f535d4cd3cbbdd1f1cc2b5 6879016 wordpress_6.1.6+dfsg1-0+deb12u1.debian.tar.xz
22a0adec9987860ad8d567592236d69254670ae03e4beac21862790ea356351c 8227 wordpress_6.1.6+dfsg1-0+deb12u1_amd64.buildinfo
Changes:
wordpress (6.1.6+dfsg1-0+deb12u1) bookworm-security; urgency=high
.
* Non-maintainer upload.
* Fix CVE-2024-31210, CVE-2023-39999, CVE-2023-38000, CVE-2023-5561,
CVE-2023-2745.
Several security vulnerabilities have been discovered in Wordpress, a
popular content management framework, which may lead to exposure of
sensitive information to an unauthorized actor in WordPress or allowing
unauthenticated attackers to discern the email addresses of users who have
published public posts on an affected website via an Oracle style attack.
Furthermore this update resolves a possible cross-site-scripting
vulnerability, a PHP File Upload bypass via the plugin installer and a
possible remote code execution vulnerability which requires an attacker to
control all the properties of a deserialized object though.
Files:
4d907a8571d12c2d6d5ae20d576f898e 2587 web optional wordpress_6.1.6+dfsg1-0+deb12u1.dsc
095ef04743ba9041bfa7527ac0a997a0 22826125 web optional wordpress_6.1.6+dfsg1.orig.tar.gz
2c8f861652fc908f9c82c44dc70109a8 6879016 web optional wordpress_6.1.6+dfsg1-0+deb12u1.debian.tar.xz
245bcb9988e31543e9c0d42fe0b21dc0 8227 web optional wordpress_6.1.6+dfsg1-0+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmY75PpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkubUP/0alwB69baeR+vJUXjsgFgWLukSPECgtgbFX
jHn1hE6xBxu1/3MqmU3f1Yq+WHXdqSJjC4pnWgFJGa1GszxBAeuFOpyGrKLngHT5
MCyDZHrStfw0d0oGxCb8lDBRRGm5CwfvFWfMTL3x5ZBnVstA0BXo+rQKag+wqvHc
YL939bXQtoUJ1Tt3XB+5BR2DwysLAYV0AhaZOn+AiH+xnY/zDW6ByzwBAB/93l15
bzeorfp9iSV493JvbgmsbH0odo2dCP1jyg2ggaeAwWyXr3YPcV3A+3ZeKIUzYJ01
6ZbJZF3rA0693hqRpa+acZqCAjbdQ1eRjQq4qJgzqUfGAZXa1Ujol54dyomqlrT1
PobjFu+nrn/5D3PghzVRyGow5NWLq8r0FFdq6vBIS06SoVYhhsGf79cMUJQExE4h
WvhsijDl7WnmTwab8TTw2mlFXzsnmy5Ys/pVJWXE0zQcJ6pfuacckmO1rvpBNPU6
d/pcBqz/U1d/oolKB0MT4NpTVg8e5Rw/kRNn870xbXuUiKGlepCCPpjQoc7XBvmg
TMurxHvEleVdbNYaY+Vv/jBxz8GzkAuwO+x+M/LAjtkxZ+4HhD1QaojW62Ljaw+E
nGxtnAZC9BMSGq7X/lQSNiqtxxtXzbdY5uHg632jSqwBgAgxj1w1wkDDowDI/WEw
pMzFFmdK
=O9vf
-----END PGP SIGNATURE-----
Attachment:
pgpRJCMneyikY.pgp
Description: PGP signature