Package name
wordpress
Date
2013-09-19
Advisory ID
MDVSA-2013:239
Affected versions
MBS1 x86_64

Problem description

Updated wordpress and php-phpmailer packages fix security
vulnerabilities:

wp-includes/functions.php in WordPress before 3.6.1 does not properly
determine whether data has been serialized, which allows remote
attackers to execute arbitrary code by triggering erroneous PHP
unserialize operations (CVE-2013-4338).
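The defensive counterpart to this class of bug is to accept only well-formed serialized strings and to refuse object instantiation while decoding. The following is an added example written for this advisory, not WordPress or Mandriva code: the function names are hypothetical, and the `allowed_classes` option assumes PHP 7 or later.

```php
<?php
// Added illustration (not WordPress code): check that a string has the
// shape of PHP serialized data before it reaches unserialize(), then
// decode it without letting any application class be instantiated.

function looks_serialized(string $data): bool
{
    $data = trim($data);
    if ($data === 'N;') {
        return true;
    }
    // Minimal shape: a type letter, a colon, a payload and a terminator.
    if (strlen($data) < 4 || $data[1] !== ':') {
        return false;
    }
    switch ($data[0]) {
        case 's':
            // s:<len>:"<bytes>"; must be closed by a quote and a semicolon.
            return substr($data, -2) === '";'
                && (bool) preg_match('/^s:[0-9]+:"/', $data);
        case 'a':
        case 'O':
            // Arrays and objects are delimited by braces.
            return substr($data, -1) === '}'
                && (bool) preg_match('/^[aO]:[0-9]+:/', $data);
        case 'b':
        case 'i':
        case 'd':
            // Scalars carry a numeric payload and end with a semicolon.
            $num = '[0-9.Ee+-]+';
            return (bool) preg_match('/^' . $data[0] . ':' . $num . ';$/', $data);
    }
    return false;
}

function safe_maybe_unserialize(string $data)
{
    if (!looks_serialized($data)) {
        return $data;            // not serialized: hand the string back unchanged
    }
    // allowed_classes => false (PHP 7+) turns every O:... payload into
    // __PHP_Incomplete_Class, so no __wakeup or __destruct of an
    // application class can run while untrusted input is decoded.
    $value = @unserialize($data, ['allowed_classes' => false]);
    if ($value === false && $data !== 'b:0;') {
        return $data;            // malformed payload: fall back to the raw string
    }
    return $value;
}

var_dump(safe_maybe_unserialize('a:1:{i:0;s:2:"ok";}'));  // array(1) { [0] => "ok" }
var_dump(safe_maybe_unserialize('s:2:"ok'));               // string(6) "s:2:"ok" (rejected)
```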

WordPress before 3.6.1 does not properly validate URLs before use in
an HTTP redirect, which allows remote attackers to bypass intended
redirection restrictions via a crafted string (CVE-2013-4339).

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote
authenticated users to spoof the authorship of a post by leveraging the
Author role and providing a modified user_ID parameter (CVE-2013-4340).

The get_allowed_mime_types function in wp-includes/functions.php in
WordPress before 3.6.1 does not require the unfiltered_html capability
for uploads of .htm and .html files, which might make it easier for
remote authenticated users to conduct cross-site scripting (XSS)
attacks via a crafted file (CVE-2013-5738).

The default configuration of WordPress before 3.6.1 does not prevent
uploads of .swf and .exe files, which might make it easier for remote
authenticated users to conduct cross-site scripting (XSS) attacks
via a crafted file, related to the get_allowed_mime_types function
in wp-includes/functions.php (CVE-2013-5739).

Additionally, php-phpmailer has been updated to a newer version
required by the updated wordpress.

Updated packages

MBS1 x86_64

20b778e4dce88394ba3fe60f3db38ec6  mbs1/x86_64/php-phpmailer-5.2.7-0.20130917.1.mbs1.noarch.rpm
9174445e9a2e76973bcbea3909ba8af7  mbs1/x86_64/wordpress-3.6.1-1.mbs1.noarch.rpm
afb38d03fc53350c03eba38eaea6561b  mbs1/SRPMS/php-phpmailer-5.2.7-0.20130917.1.mbs1.src.rpm
ca3d0d9e13aacf26feab9382d20a0560  mbs1/SRPMS/wordpress-3.6.1-1.mbs1.src.rpm

References