Lucene search

Gentoo FoundationMGASA-2015-0202

HistoryMay 09, 2015 - 2:54 a.m.

Updated wordpress packages fix security vulnerabilities

2015-05-0902:54:13

Gentoo Foundation

advisories.mageia.org

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.944 High

EPSS

Percentile

99.2%

JSON

Updated wordpress packages fixes security vulnerabilities: The wordpress package has been updated to version 3.9.6, which fixes multiple cross-site scripting issues, including CVE-2015-3440, and other bugs. Note that upstream has advised us that WordPress 3.9.x is no longer supported. As this package is unmaintained, this may be the last update for this package. Downloading the latest version from upstream and using that, as well as making use of its aut-update capability, may be preferrable to using this package.

OSVersionArchitecturePackageVersionFilename
Mageia4noarchwordpress< 3.9.6-1wordpress-3.9.6-1.mga4

OS	Version	Architecture	Package	Version	Filename
Mageia	4	noarch	wordpress	< 3.9.6-1	wordpress-3.9.6-1.mga4

References

codex.wordpress.org/Version_3.9.5

codex.wordpress.org/Version_3.9.6

bugs.mageia.org/show_bug.cgi?id=15786

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.944 High

EPSS

Percentile

99.2%

JSON

Related for MGASA-2015-0202