[SECURITY] [DLA 1151-1] wordpress security update
Package : wordpress
Version : 3.6.1+dfsg-1~deb7u17
CVE ID : CVE-2016-9263 CVE-2017-14718 CVE-2017-14719
CVE-2017-14720 CVE-2017-14721 CVE-2017-14722
CVE-2017-14723 CVE-2017-14725 CVE-2017-14990
Debian Bug : 876274 877629
Several vulnerabilities were discovered in wordpress, a web blogging
tool. The Common Vulnerabilities and Exposures project identifies the
following issues.
CVE-2016-9263
When domain-based flashmediaelement.swf sandboxing is not used,
WordPress allows remote attackers to conduct cross-domain Flash
injection (XSF) attacks by leveraging code contained within the
wp-includes/js/mediaelement/flashmediaelement.swf file.
This issue was resolved by completely removing
flashmediaelement.swf.
CVE-2017-14718
WordPress was susceptible to a Cross-Site Scripting attack in the
link modal via a javascript: or data: URL.
CVE-2017-14719
WordPress was vulnerable to a directory traversal attack during
unzip operations in the ZipArchive and PclZip components.
CVE-2017-14720
WordPress allowed a cross-site scripting attack in the template list
view via a crafted template name.
CVE-2017-14721
WordPress allowed cross-site scripting in the plugin editor via a
crafted plugin name.
CVE-2017-14722
WordPress allowed a Directory Traversal attack in the Customizer
component via a crafted theme filename.
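CVE-2017-14719 and CVE-2017-14722 are both path-traversal bugs in which an archive entry name or a theme filename is used to build a filesystem path. The Python below is an added example, not WordPress code and not part of this advisory: it shows the two checks an extractor should apply before writing anything, a lexical rejection of unsafe entry names and a realpath containment test. The sample archive and the root directory are constructed for the demonstration.

```python
"""Path-containment checks for archive extraction (defensive example)."""
import io
import os
import zipfile


def is_safe_member_name(name: str) -> bool:
    """Lexical check: refuse entry names that can escape the root by
    construction (empty, absolute, backslashes, drive letter, any '..')."""
    if not name or name.startswith("/") or "\\" in name:
        return False
    if len(name) > 1 and name[1] == ":":      # e.g. "C:..." on Windows
        return False
    return ".." not in name.split("/")


def resolve_inside(root: str, name: str):
    """Containment check: return the resolved target path for `name`
    under `root`, or None if it lands outside `root` after symlink and
    '..' resolution. commonpath compares whole components, so a sibling
    directory whose name merely starts with `root` is still rejected."""
    root_abs = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_abs, name))
    if os.path.commonpath([root_abs, target]) != root_abs:
        return None
    return target


def classify_members(zip_bytes: bytes, root: str):
    """Dry run over an archive: map accepted entry names to their resolved
    destination and list rejected names. Nothing is written to disk."""
    accepted, rejected = {}, []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = None
            if is_safe_member_name(info.filename):
                target = resolve_inside(root, info.filename)
            if target is None:
                rejected.append(info.filename)
            else:
                accepted[info.filename] = target
    return accepted, rejected


def build_sample_zip() -> bytes:
    """Constructed sample archive: one legitimate theme file plus two
    entries that a safe extractor must refuse."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mytheme/style.css", "/* Theme Name: mytheme */")
        zf.writestr("mytheme/../../outside.txt", "")
        zf.writestr("/abs/outside.txt", "")
    return buf.getvalue()
```

Running classify_members over the sample archive against a (constructed) themes directory accepts only mytheme/style.css and rejects the other two entries.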
CVE-2017-14723
WordPress mishandled % characters and additional placeholder values
in $wpdb->prepare, and thus did not properly address the possibility
of plugins and themes enabling SQL injection attacks.
CVE-2017-14725
WordPress was susceptible to an open redirect attack in
wp-admin/user-edit.php.
CVE-2017-14990
WordPress stores cleartext wp_signups.activation_key values (but
stores the analogous wp_users.user_activation_key values as hashes),
which might make it easier for remote attackers to hijack
unactivated user accounts by leveraging database read access
(such as access gained through an unspecified SQL injection
vulnerability).
For Debian 7 "Wheezy", these problems have been fixed in version
3.6.1+dfsg-1~deb7u17.
We recommend that you upgrade your wordpress packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS