-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 08 May 2024 22:36:13 +0200 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentynineteen wordpress-theme-twentytwenty wordpress-theme-twentytwentyone Architecture: all Version: 5.7.11+dfsg1-0+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Markus Koschany Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentynineteen - weblog manager - twentynineteen theme files wordpress-theme-twentytwenty - weblog manager - twentytwenty theme files wordpress-theme-twentytwentyone - weblog manager - twentytwentyone theme files Changes: wordpress (5.7.11+dfsg1-0+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload. * Fix CVE-2024-31210, CVE-2023-39999, CVE-2023-38000, CVE-2023-5561, CVE-2023-2745. Several security vulnerabilities have been discovered in Wordpress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack. Furthermore this update resolves a possible cross-site-scripting vulnerability, a PHP File Upload bypass via the plugin installer and a possible remote code execution vulnerability which requires an attacker to control all the properties of a deserialized object though. Checksums-Sha1: 5e4090751129d7a4cabab9030b5c6320c5061497 4385852 wordpress-l10n_5.7.11+dfsg1-0+deb11u1_all.deb 2a0f1e6cae6f06e4532d2e59f0f7fcc0975c8008 501580 wordpress-theme-twentynineteen_5.7.11+dfsg1-0+deb11u1_all.deb 52f06b65cae7082240582adf735b7b5d050224a7 773436 wordpress-theme-twentytwenty_5.7.11+dfsg1-0+deb11u1_all.deb 6de834a5259fb4fce9398b1c4f4dc9dc2ee0cc51 2587160 wordpress-theme-twentytwentyone_5.7.11+dfsg1-0+deb11u1_all.deb b16bd056139885ca04fbb69d5b4ae4089b73079e 7667 wordpress_5.7.11+dfsg1-0+deb11u1_all-buildd.buildinfo 7956ad58bc57b6f66bd17349f4dfaad4098599f7 7788440 wordpress_5.7.11+dfsg1-0+deb11u1_all.deb Checksums-Sha256: b7a08c790619ca59e0a41d4dbcf7c77e85dc9736b8d2d8eb2da62f4862829cfb 4385852 wordpress-l10n_5.7.11+dfsg1-0+deb11u1_all.deb 60a539ff9f6a95c195211b9e6afa813eda407945228105b40a8bde55befe75c5 501580 wordpress-theme-twentynineteen_5.7.11+dfsg1-0+deb11u1_all.deb 6deb807f99e01148c15b63f2f64eb6f587cc8d7f243145344e5ff84fa5f7f85f 773436 wordpress-theme-twentytwenty_5.7.11+dfsg1-0+deb11u1_all.deb 37d12485b3277a1cd19410953e5abe7bc500a60db2d05878745cc8a2dddc45e7 2587160 wordpress-theme-twentytwentyone_5.7.11+dfsg1-0+deb11u1_all.deb fd9f373ed2a41890f20cf7821fec6908762b1b8a8a34d0e3e9070b827eece7cf 7667 wordpress_5.7.11+dfsg1-0+deb11u1_all-buildd.buildinfo 50ab5d54a5a43ecd5ce48afde5bc36f42afdd00b435a40b9037edd9ff81d7ff5 7788440 wordpress_5.7.11+dfsg1-0+deb11u1_all.deb Files: c109b4189af441ce92845b2f967b413e 4385852 localization optional wordpress-l10n_5.7.11+dfsg1-0+deb11u1_all.deb df285a020251f16365f7502eea2989f4 501580 web optional wordpress-theme-twentynineteen_5.7.11+dfsg1-0+deb11u1_all.deb 2cd4cd237cfdf41a8e02e08742c791b7 773436 web optional wordpress-theme-twentytwenty_5.7.11+dfsg1-0+deb11u1_all.deb e666206e13d3286335f8f7fe41c6ef5f 2587160 web optional wordpress-theme-twentytwentyone_5.7.11+dfsg1-0+deb11u1_all.deb 23025afd48093cecff5be5304ef57795 7667 web optional wordpress_5.7.11+dfsg1-0+deb11u1_all-buildd.buildinfo e07ef372e0b9afd83c137e1bc2e0e4f8 7788440 web optional wordpress_5.7.11+dfsg1-0+deb11u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErEDrIdpJkzFMm6K+PyQET5WCY90FAmY77icACgkQPyQET5WC Y93f9g/+OLTqz2vXRwyjfjPdRiRQhl8IeKH1eKxfnVFggSmVCQV5ezMV2HnWdQzV kdqrrz6x09OcaeY8VwuMmEPITB8Yp48/JyADgh9GQMA3KgP29QPPzxORSwFp2C6v plD4yzPnnfT9h/cwcwSGNVdEiVBlHN5HthtXPctkLWEoGL2BManQWfhOgyHHzLGj P1sGH0avVMubnOyVRXq4EjK1aovlO2vTTtVET4+9gze3l2UdSa+ZAqTMIy9NAXof Xe3kWJ0ynoSl1DcfD4Ud8znKz6IX+bqFldyJhXvEFlL3wmsTayr21gXdEmw9utPd uWK/SZek/w+aiHjwGo5y9tIjYxCwIKS7n1vwgY9EzGwnSF7sMvSdjtvYkgbeXsjU Qfg2hxK6cg1dJt6wwuUFWlVRdwxNT2RtijgCLnOkDxoklWf3AC/t34rDfSW42Q8d JZYTEMio/RIXldJ9OiqkvGy6z5AlO2W5EcZ8aJ5G4wJ9EtuzzEF/Zhu3vs7xGSW/ dn9KZFD3a4bXQS+N2U7fLlOQDhpk24gk6/jHcQjZziMarQsldizHv8DVq7G0zchx p7SDOYCmwXxpdI8lLqQo8x3QQ+XDiLZBNjD/DrYOoOtjFk2F4ZtFUcXsgiwdr3Z+ fz+1QkX3N+ub3MmLpXPO7m2yg3T2MItzoQ+dPXVaOkiLO9FfyNo= =8Me/ -----END PGP SIGNATURE-----