-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 8 May 2024 23:01:08 CEST Source: wordpress Architecture: source Version: 5.7.11+dfsg1-0+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Craig Small <csmall@debian.org> Changed-By: Markus Koschany <apo@debian.org> Checksums-Sha1: 3e1cd3a500fd5cd6ed110aaede103160f26a62d3 2582 wordpress_5.7.11+dfsg1-0+deb11u1.dsc 850f984d1bc912d3e06a6a107ea464ea4d0825b1 15773434 wordpress_5.7.11+dfsg1.orig.tar.gz 05bb45a695b5f7236fdfa4178d5bcc70b3bab472 6825564 wordpress_5.7.11+dfsg1-0+deb11u1.debian.tar.xz bfe6309b256152f86609d7caece13f9781d90421 8116 wordpress_5.7.11+dfsg1-0+deb11u1_amd64.buildinfo Checksums-Sha256: d46658c396a31d8cc961f98ebb2ed8811d688b945e7e507beda0e8b77155a31b 2582 wordpress_5.7.11+dfsg1-0+deb11u1.dsc 04fbc16f1d5aea08ef132e105206467579e9c91d3d323dcbff9e3395ef1d459b 15773434 wordpress_5.7.11+dfsg1.orig.tar.gz 2cdf6d7f27be82f753252326dbcf0c5ca41b20713286d61d06c43dfcf45cee20 6825564 wordpress_5.7.11+dfsg1-0+deb11u1.debian.tar.xz d675126ceed196e8dc037e76a5fff61a7379afe063baa85c3fe77f1b91cb08af 8116 wordpress_5.7.11+dfsg1-0+deb11u1_amd64.buildinfo Changes: wordpress (5.7.11+dfsg1-0+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload. * Fix CVE-2024-31210, CVE-2023-39999, CVE-2023-38000, CVE-2023-5561, CVE-2023-2745. Several security vulnerabilities have been discovered in Wordpress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack. Furthermore this update resolves a possible cross-site-scripting vulnerability, a PHP File Upload bypass via the plugin installer and a possible remote code execution vulnerability which requires an attacker to control all the properties of a deserialized object though. Files: a3a80e591f99c5a3f195c32116b1578a 2582 web optional wordpress_5.7.11+dfsg1-0+deb11u1.dsc d47befdfedfd4e281e254d6f8da3b9a5 15773434 web optional wordpress_5.7.11+dfsg1.orig.tar.gz 5d498d9cef6dd405712f335b1632802f 6825564 web optional wordpress_5.7.11+dfsg1-0+deb11u1.debian.tar.xz 238b72b421a90224c39bb58bf7cf6613 8116 web optional wordpress_5.7.11+dfsg1-0+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmY76BlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkBkIQAI9+kJXzW2yUqpQRESyu2bLSdkxLN+PV+/Hz NI0uuLqyh8WE/MInKC5wDS/1u3iCwqU27rENBAeHYfPT14BHv3Cn9k1kLuuluSPy ogdEDdZQL3okRNZQ9b3onwXCvSKs1PH6HtxgMDx15DUaOZgsMk8H9P1A0vAE2wGD dC2u56jQTk9fonBUlxhhqf1kBf9GCSqmjxhQOgQUG/WmItoO/ROq+eeVYl7gzbvl GZKCE3+AfLw3dadxTkMlm4B4mEhoo1k/Qmh5MPXos0ZMjK6oyf1UVVOBg8WFApoh uRlwNww/EtShEO5JmonV3DT/Ulmmi5ESVmYyvzlqX5J+T3aBrrSsGmZsvuCAUGzT GHmkZDLjnqUVl6dvWuH1zgZzCLhl3+y4vb9IPFIj2fMLqXwq98f0ay4i2PFEC6Zc 7KD7I5fGbHWapsS5vOEKERPWbryHdBn94t9vWIBd8uKaTH9JRwCoEqVheYLzqAtD UrZZ4p8j0nXH0GCJraVOPjfMWea92FWD835FrgI1eTjme68hxnQwnpOE4DU72CiD 7xb4Mnlsxcadxdq9ghoVYM9TlAjecROqiqnm7rk+325cdDY2o4AZzmApmza5CC1l ezXYkdD/w7+jxuPRXiuhrwTOKYhjjaHW9ZM9c3YfJO0HTj3+ieR2Bf6FnS0D0Tw1 61NKe5lI =9g2W -----END PGP SIGNATURE-----