Advisories » MGASA-2015-0202

Updated wordpress packages fix security vulnerabilities

Publication date: 08 May 2015
Modification date: 08 May 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-3440

Description

Updated wordpress packages fixes security vulnerabilities:

The wordpress package has been updated to version 3.9.6, which fixes multiple
cross-site scripting issues, including CVE-2015-3440, and other bugs.

Note that upstream has advised us that WordPress 3.9.x is no longer supported.
As this package is unmaintained, this may be the last update for this package.
Downloading the latest version from upstream and using that, as well as making
use of its aut-update capability, may be preferrable to using this package.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=15786
• http://codex.wordpress.org/Version_3.9.5
• http://codex.wordpress.org/Version_3.9.6
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3440

SRPMS

4/core

• wordpress-3.9.6-1.mga4