Package: wordpress / 4.1+dfsg-1+deb8u17

Metadata

Package: wordpress
Version: 4.1+dfsg-1+deb8u17
Patches format: 3.0 (quilt)

Patch series

cs41472_41498_wp_prepare

wp-includes/wp-db.php | 18 15 + 3 - 0 !
1 file changed, 15 insertions(+), 3 deletions(-)

 hardening wp prepare
 Fixes security bug where wpdb->prepare() can create unexpected and
 unsafe queries leading to potential SQL injection (SQLi). WordPress
 core is not directly vulnerable to this issue, but we've added
 hardening to prevent plugins and themes from accidentally causing
 a vulnerability.
 CVE-2017-14723
cs41436_tinymce_xss

wp-includes/js/mce-view.js | 8 8 + 0 - 0 !
wp-includes/script-loader.php | 3 3 + 0 - 0 !
2 files changed, 11 insertions(+)

 remove xss from tinymce
 Fixes a cross-site scripting (XSS) vulnerability in the visual editor.
 CVE-2017-14726
 https://core.trac.wordpress.org/changeset/41442/branches/4.1
cs41459_unzip

wp-admin/includes/file.php | 8 8 + 0 - 0 !
1 file changed, 8 insertions(+)

 validate filesystem patch before unzip
 Filesystem API: Ensure filenames are valid before attempting to unzip
 them to ensure malformed file paths don't cause a path traversal
 vulnerability in the file unzipping code
 CVE-2017-14719
cs41413_plugin_template_names

wp-admin/includes/class-wp-plugins-list-table.php | 14 7 + 7 - 0 !
wp-admin/includes/template.php | 2 1 + 1 - 0 !
wp-admin/plugin-editor.php | 14 7 + 7 - 0 !
wp-admin/plugins.php | 16 8 + 8 - 0 !
wp-admin/theme-editor.php | 14 8 + 6 - 0 !
5 files changed, 31 insertions(+), 29 deletions(-)

 add url-encoding to plugin and template names
 Add missing URL-encoding and add extra hardening to plugin and template
 names when they're displayed in the admin area.
 Fixes a Cross Site Scripting (XSS) vulnerability in the plugin editor and
 a Cross Site Scripting (XSS) vulnerability in the template names
 CVE-2017-14720 for the template
 CVE-2017-14721 for plugin
 Was changeset 41413 in 4.8 branch
cs41424_user_referers

wp-admin/user-edit.php | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 provide a fallback for incorrect http referrers
 Remove an open redirect on the user edit screen
 The tag/term screen does not have this issue
 CVE-2017-14725
cs41430_customizer_valid_themes

wp-includes/class-wp-customize-manager.php | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 ensure valid theme in customizer preview
 Fixes a path traversal vulnerability in the customizer
 CVE-2017-14722
cs41407_css_link_dialog

wp-includes/js/wplink.js | 16 15 + 1 - 0 !
1 file changed, 15 insertions(+), 1 deletion(-)

 remove xss from the link modal
 Editor: Prevent adding javascript: and data: URLs through the inline
 link dialog.
 CVE-2017-14718
 Previous changeset 41401
38474.patch

wp-activate.php | 7 6 + 1 - 0 !
wp-admin/user-new.php | 4 2 + 2 - 0 !
wp-includes/ms-functions.php | 51 38 + 13 - 0 !
3 files changed, 46 insertions(+), 16 deletions(-)

 use hash for user activation key
 Removes cleartext of the user activation key
 CVE-2017-14990
cs42296_newbloguser_key

wp-admin/user-new.php | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 harden newbloguser key
 Use a properly generated hash for the newbloguser key instead of a
 determinate substring.
cs42064_numplaceholder_wpdbprepare

wp-includes/post.php | 4 2 + 2 - 0 !
wp-includes/wp-db.php | 193 153 + 40 - 0 !
2 files changed, 155 insertions(+), 42 deletions(-)

 database: restore numbered placeholders in wpdb::prepare()
 Changeset 41496 removed support for numbered placeholders in queries sent
 through wpdb::prepare(), which, despite being undocumented, were quite
 commonly used.
 This change restores support for numbered placeholders (as well as a
 subset of placeholder formatting), while also adding extra checks to
 ensure the correct number of arguments is being passed to wpdb::prepare(),
 given the number of placeholders.
cs42297_lang_esc

wp-includes/general-template.php | 12 7 + 5 - 0 !
1 file changed, 7 insertions(+), 5 deletions(-)

 add escaping to the language attributes used on html elements
cs42298_attrib_encl_escape

wp-includes/feed.php | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 escape enclosure attributes
 Hardening: Ensure the attributes of enclosures are correctly escaped in
 RSS and Atom feeds.
cs42299_javascript_upload_restrict

wp-includes/functions.php | 5 3 + 2 - 0 !
1 file changed, 3 insertions(+), 2 deletions(-)

 restrict javascript uploads
 Remove the ability to upload JavaScript files for users who do not have
 the unfiltered_html capability.
 CVE-2017-17091
CVE 2017 9066

wp-includes/class-http.php | 21 21 + 0 - 0 !
1 file changed, 21 insertions(+)

 improve redirection handling
 This patch was based on upstream fix for CVE-2017-9066
 (76d77e927bb4d0f87c7262a50e28d84e01fd2b11). Since wordpress version 3.6.1
 does not use the hooks schema that is used by the latest upstream version
 (4.8), I need to adapt it a bit. Before each redirection, the location is
 validated by wp_http_validate_url; if any error is found, wordpress will
 return a wp_http.redirect_failed_validation error.
 Modified by Craig as WordPress 4.1 has their redirections in one place,
 but still do not have the hooks as in 4.7
 CVE-2017-9066
CVE 2018 10100.patch

wp-login.php | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 cve-2018-10100
CVE 2018 10102.patch

wp-includes/general-template.php | 14 7 + 7 - 0 !
1 file changed, 7 insertions(+), 7 deletions(-)

 cve-2018-10102