[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1096-1] wordpress-shibboleth security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : wordpress-shibboleth
Version        : 1.4-2+deb7u1
CVE ID         : CVE-2017-14313
Debian Bug     : #874416

It was discovered that there was a an XSS vulnerability in the login form of
the "Shibboleth" identity provider module for Wordpress.

For Debian 7 "Wheezy", this issue has been fixed in wordpress-shibboleth version
1.4-2+deb7u1.

We recommend that you upgrade your wordpress-shibboleth packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlm5b/4ACgkQHpU+J9Qx
HljAhRAAnd7IGzO6bE1HvD3GIAy3kVRx0b7EZl5j4l4jlcKSW4vEHXdSddAEE3Ut
Z7UjVpPzyxwhzSO0+SWn8CEBQP5uQWSowBe+LgQx2VuS+zUJQCF1xLfkAXfgEdcD
juqgdsQwiS1SSX1em09DayvPnlVIMBNVTTlG9ijKMgbFqo5nmk4O+PBhnAAP6hCH
lBBXOr4X8l52UA/T02QzGYlHLGGo5H4n09tyDnN446Pok5j68WyOwNm8zkY/uazj
/+7JlJ1D70mzBBmylzt8EHTmyrOF8oJ18sgol/qLGXwZfBlGkpVajCAWgEMMhfDT
bNbKGtNdQplXubraAP+nQCbmOWXICE+Y0DYbKOkBTosdIQpVGrBYAt5/vYdHvQ+k
n/aTnPdIPQ+9KxbvejHkTMJyztjQh07s31OV2z0Fa1GPgV6+iGm9eVuRQGx5S9zF
QVV60XPTS0Qlt4bG3iYknFNOLNzZGuaJR+fJ3CRi/Wkf7HTx4TGrsiaF2yHLk5gi
Ca2DfsAOHUz/0vUIEB/CvGEDrYaEye/naSm1h1fbl6QP3/ogt88NzRMnMuKHox/Z
ZE9GzakiwPgzRJb2G79cJ1GRpRz65ymy0LXNcH8DH7OnNPY0Ow/ZQgpChZx+yCRY
sHNv2xt1IyIpVUUSUMuKbn8NTaroGFAksw8EagP7eIAc3YbGA2Q=
=evdK
-----END PGP SIGNATURE-----
Reply to: