wordpress 6.0.3+dfsg1-1ubuntu1 source package in Ubuntu
Changelog
wordpress (6.0.3+dfsg1-1ubuntu1) lunar; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/setup-mysql: create the user before granting privileges, and
use mysql_native_password authentication.
wordpress (6.0.3+dfsg1-1) unstable; urgency=high
* New security release Closes: #1022575
- Stored XSS via wp-mail.php (post by email)
- Open redirect in `wp_nonce_ays`
- Sender’s email address is exposed in wp-mail.php
- Media Library – Reflected XSS via SQLi
- CSRF in wp-trackback.php
- Stored XSS via the Customizer
- Revert shared user instances introduced in 50790
- Stored XSS in WordPress Core via Comment Editing
- Data exposure via the REST Terms/Tags Endpoint
- Content from multipart emails leaked
- SQL Injection due to improper sanitization in `WP_Date_Query`
- RSS Widget: Stored XSS issue
- Stored XSS in the search block
- Feature Image Block: XSS issue
- RSS Block: Stored XSS issue
- Fix widget block XSS
wordpress (6.0.2+dfsg1-1) unstable; urgency=medium
* New security release Closes: #1018863
- Possible link SQL injection within the Link API
- XSS in Plugins screen
- Output escaping issue within the_meta()
-- Steve Langasek <email address hidden> Mon, 07 Nov 2022 19:54:18 -0800
Upload details
- Uploaded by:
- Steve Langasek
- Uploaded to:
- Lunar
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| wordpress_6.0.3+dfsg1.orig.tar.xz | 14.8 MiB | 5f10b256f9072d35a4cb241a804610026d804d5bb448fcd99590d63cce03dd7a |
| wordpress_6.0.3+dfsg1-1ubuntu1.debian.tar.xz | 6.5 MiB | b77c607a70f4a51a2b142e6de05112388fd7643249b6e4518137628b1f86301f |
| wordpress_6.0.3+dfsg1-1ubuntu1.dsc | 2.5 KiB | cb52ea743d7e104d28c53fea7c38cb8d6307d24d5431e38a3d6f5e4bd5101338 |
Available diffs
Binary packages built by this source
- wordpress: weblog manager
WordPress is a full featured web blogging tool:
* Instant publishing (no rebuilding)
* Comment pingback support with spam protection
* Non-crufty URLs
* Themable
* Plugin support
- wordpress-l10n: weblog manager - language files
WordPress is a full featured web blogging tool:
* Instant publishing (no rebuilding)
* Comment pingback support with spam protection
* Non-crufty URLs
* Themable
* Plugin support
This package contains WordPress language files
- wordpress-theme-twentytwenty: No summary available for wordpress-theme-twentytwenty in ubuntu lunar.
No description available for wordpress-
theme-twentytwe nty in ubuntu lunar.
- wordpress-theme-twentytwentyone: weblog manager - twentytwentyone theme files
WordPress is a full featured web blogging tool:
* Instant publishing (no rebuilding)
* Comment pingback support with spam protection
* Non-crufty URLs
* Themable
* Plugin support
This package contains WordPress twentytwentyone theme files
NOTE: This theme requires access to public CDNs for use of
some font or CSS files.
- wordpress-theme-twentytwentytwo: weblog manager - twentytwentytwo theme files
WordPress is a full featured web blogging tool:
* Instant publishing (no rebuilding)
* Comment pingback support with spam protection
* Non-crufty URLs
* Themable
* Plugin support
This package contains WordPress twentytwentytwo theme files
NOTE: This theme requires access to public CDNs for use of
some font or CSS files.
