Public bug reported: Hello Everybody,
"WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandà of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset." Source : https://wordpress.org/news/2015/08/wordpress-4-2-4-security- and-maintenance-release/ So, is it possible to check if wordpress packages are vulnerable, and update them ? (Ubuntu 12.04 : wordpress 3.3.1+dfsg-1 0, Ubuntu 14.04 : wordpress 3.8.2+dfsg-1ubuntu0.1 0, ...) Thanks. Have a good day ! ** Affects: wordpress (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1496825 Title: Wordpress package security issue To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wordpress/+bug/1496825/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs