[Secure-testing-team] Bug#828225: wordpress: Various security fixes in 4.5.3 CVE-2016-5832 to 5839
Craig Small
csmall at debian.org
Sun Jun 26 10:04:23 UTC 2016
Source: wordpress
Version: 4.5.2+dfsg-2
Severity: important
Tags: security
Various security fixes in wordpress 4.5.3
CVE-2016-5832 - redirect bypass in the customizer, reported by Yassine Aboukir;
CVE-2016-5833 - XSS problem via attachment name reported by Jouko Pynnonen
CVE-2016-5834 - XSS problem via attachment name reported by Divyesh Prajapati
CVE-2016-5835 - revision history information disclosure, reported independently by John Blackbourn from the WordPress security team and by Dan Moen from the Wordfence Research Team;
CVE-2016-5836 - oEmbed denial of service reported by Jennifer Dodd from Automattic;
CVE-2016-5837 - unauthorized category removal from a post, reported by David Herrera from Alley Interactive;
CVE-2016-5838 - password change via stolen cookie, reported by Michael Adams from the WordPress security team;
CVE-2016-5839 - and some less secure sanitize_file_name edge cases reported by Peter Westwood of the WordPress security team.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.4.0-1-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
More information about the Secure-testing-team
mailing list