[SECURITY] [DSA 3332-2] wordpress regression update

2015-10-29T18:58:19
ID DEBIAN:DSA-3332-2:6D51B
Type debian
Reporter Debian
Modified 2015-10-29T18:58:19

Description


Debian Security Advisory DSA-3332-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 29, 2015 https://www.debian.org/security/faq


Package : wordpress Debian Bug : 803100

The patch applied for CVE-2015-5622 in DSA-3332-1 contained a faulty hunk. This update corrects that problem. For reference, the relevant part of the original advisory text follows.

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine.

CVE-2015-5622

The robustness of the shortcodes HTML tags filter has been
improved. The parsing is a bit more strict, which may affect
your installation. This is the corrected version of the patch
that needed to be reverted in DSA 3328-2.

For the stable distribution (jessie), this problem has been fixed in version 4.1+dfsg-1+deb8u6.

We recommend that you upgrade your wordpress packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org