debian-security-announce May 2007 archive
Main Archive Page > Month Archives  > debian-security-announce archives
debian-security-announce: [SECURITY] [DSA 1285-1] New wordpress

[SECURITY] [DSA 1285-1] New wordpress packages fix multiple vulnerabilities

From: Noah Meyerhans <noahm_at_nospam>
Date: Tue May 01 2007 - 18:03:33 GMT
To: Debian Security Announce <debian-security-announce@lists.debian.org>


-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

  • ------------------------------------------------------------------------ Debian Security Advisory DSA-1285-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans May 01, 2007
  • ------------------------------------------------------------------------
Package : wordpress Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-1622 CVE-2007-1893 CVE-2007-1894 CVE-2007-1897

CVE-2007-1622
    Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in     WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series,     allows remote authenticated users with theme privileges to inject     arbitrary web script or HTML via the PATH_INFO in the administration     interface, related to loose regular expression processing of PHP_SELF.

CVE-2007-1893
    WordPress 2.1.2, and probably earlier, allows remote authenticated     users with the contributor role to bypass intended access restrictions     and invoke the publish_posts functionality, which can be used to     "publish a previously saved post."

CVE-2007-1894
    Cross-site scripting (XSS) vulnerability in     wp-includes/general-template.php in WordPress before 20070309 allows     remote attackers to inject arbitrary web script or HTML via the year     parameter in the wp_title function.

CVE-2007-1897
    SQL injection vulnerability in xmlrpc.php in WordPress 2.1.2, and     probably earlier, allows remote authenticated users to execute     arbitrary SQL commands via a string parameter value in an XML RPC     mt.setPostCategories method call, related to the post_id variable.

For the stable distribution (etch) these issues have been fixed in version 2.0.10-1.

For the testing and unstable distributions (lenny and etch, respectively), these issues have been fixed in version 2.1.3-1

We recommend that you upgrade your wordpress package.

Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

        will update the internal database apt-get upgrade

        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives: http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10-1.diff.gz Size/MD5 checksum: 8967 a9975366a65611eb333557603ca18b00 http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10.orig.tar.gz Size/MD5 checksum: 520314 e9d5373b3c6413791f864d56b473dd54 http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10-1.dsc Size/MD5 checksum: 561 baaa9fd3c5e532e30043b8a2a11be6aa

Architecture independent packages:

  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0.10-1_all.deb     Size/MD5 checksum: 529582 369bb4778790a5b3aa79584bcc7ea8ec

  These files will probably be moved into the stable distribution on   its next update.

iD8DBQFGN4CZYrVLjBFATsMRAlJzAJ9HIb9tpJ6Sid9eIRytA5gBsvRuXQCfQ+Rw /lDGH8WS6Jd/lwTCdkhfUnY=
=ep3v
-----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org