[SECURITY] [DSA 3332-2] wordpress regression update

ID DEBIAN:DSA-3332-2:6D51B
Type debian
Reporter Debian
Modified 2015-10-29T18:58:19


Debian Security Advisory DSA-3332-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 29, 2015 https://www.debian.org/security/faq

Package : wordpress Debian Bug : 803100

The patch applied for CVE-2015-5622 in DSA-3332-1 contained a faulty hunk. This update corrects that problem. For reference, the relevant part of the original advisory text follows.

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine.


The robustness of the shortcodes HTML tags filter has been
improved. The parsing is a bit more strict, which may affect
your installation. This is the corrected version of the patch
that needed to be reverted in DSA 3328-2.

For the stable distribution (jessie), this problem has been fixed in version 4.1+dfsg-1+deb8u6.

We recommend that you upgrade your wordpress packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org