diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2013-January/022038.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2013-January/022038.html | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2013-January/022038.html b/zarb-ml/mageia-dev/2013-January/022038.html new file mode 100644 index 000000000..b187e90f5 --- /dev/null +++ b/zarb-ml/mageia-dev/2013-January/022038.html @@ -0,0 +1,106 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Freeze push: wordpress 3.5.1 + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Freeze%20push%3A%20wordpress%203.5.1&In-Reply-To=%3C51023465.4070504%40gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="022037.html"> + <LINK REL="Next" HREF="022039.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Freeze push: wordpress 3.5.1</H1> + <B>Anne Nicolas</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Freeze%20push%3A%20wordpress%203.5.1&In-Reply-To=%3C51023465.4070504%40gmail.com%3E" + TITLE="[Mageia-dev] Freeze push: wordpress 3.5.1">ennael1 at gmail.com + </A><BR> + <I>Fri Jan 25 08:29:41 CET 2013</I> + <P><UL> + <LI>Previous message: <A HREF="022037.html">[Mageia-dev] Freeze push: wordpress 3.5.1 +</A></li> + <LI>Next message: <A HREF="022039.html">[Mageia-dev] Freeze push: wordpress 3.5.1 +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#22038">[ date ]</a> + <a href="thread.html#22038">[ thread ]</a> + <a href="subject.html#22038">[ subject ]</a> + <a href="author.html#22038">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Le 25/01/2013 06:07, FundaWang a écrit : +><i> Hello, +</I>><i> Could wordpress 3.5.1 be pushed? It addresses the following security issues: +</I>><i> * A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We’d like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work. +</I>><i> * Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team. +</I>><i> * A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue. +</I>><i> Regards. +</I> +Done + +-- +Anne +<A HREF="http://mageia.org">http://mageia.org</A> +</PRE> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="022037.html">[Mageia-dev] Freeze push: wordpress 3.5.1 +</A></li> + <LI>Next message: <A HREF="022039.html">[Mageia-dev] Freeze push: wordpress 3.5.1 +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#22038">[ date ]</a> + <a href="thread.html#22038">[ thread ]</a> + <a href="subject.html#22038">[ subject ]</a> + <a href="author.html#22038">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |