Advisories » MGASA-2015-0377

Updated wordpress package fixes security vulnerabilities

Publication date: 17 Sep 2015
Modification date: 17 Sep 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-5714 , CVE-2015-5715

Description

Updated wordpress packages fixes security vulnerabilities:

The wordpress package has been updated to version 3.9.9, fixing two
cross-site scripting issues and a potential privilege escalation issue
(CVE-2015-5714, CVE-2015-5715), as well as other bugs.  See the upstream
announcement and release notes for more details.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16763
• https://codex.wordpress.org/Version_3.9.9
• https://wordpress.org/news/2015/09/wordpress-4-3-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5714
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5715

SRPMS

4/core

• wordpress-3.9.9-1.mga4