Debian
wordpress package

wordpress 5.5.3+dfsg1-1 source package in Debian

Changelog

wordpress (5.5.3+dfsg1-1) unstable; urgency=high

  * Security release, fixes 8 bugs Closes: #973562
     - CVE-2020-28039: Protected meta that could lead to arbitrary
                       file deletion.
     - CVE-2020-28035: XML-RPC privilege escalation.
     - CVE-2020-28036: XML-RPC privilege escalation.
     - CVE-2020-28032: Hardening deserialization requests.
     - CVE-2020-28037: DoS attack could lead to RCE.
     - CVE-2020-28038: Stored XSS in post slugs.
     - CVE-2020-28033: Disable spam embeds from disabled sites
                       on a multisite network.
     - CVE-2020-28034: Cross-Site Scripting (XSS) via global variables.
     - CVE-2020-28040: CSRF attacks that change a theme's background image.
  * Removed TinyMCE build dependency as its very old
  * d/dirs: Add two more language directories

 -- Craig Small <email address hidden>  Tue, 03 Nov 2020 17:23:49 +1100

Upload details

Uploaded by:
Craig Small
Uploaded to:
Sid
Original maintainer:
Craig Small
Architectures:
all
Section:
web
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
wordpress_5.5.3+dfsg1-1.dsc 2.3 KiB 29b3570bb7c8d3125adb7e63cfa6a83ef84f9578f5e5d51adda3caaf1768ae7f
wordpress_5.5.3+dfsg1.orig.tar.xz 8.5 MiB 8ad4d5c2e103beededfcb09e2f94de8f276191ee630f2fa5c53d2158a81ecebb
wordpress_5.5.3+dfsg1-1.debian.tar.xz 6.5 MiB 219c7cb1701026c76c84c3d51dcab87ba078b438dc5a029c9afaa2a1937bc6c3

No changes file available.

Binary packages built by this source