[SECURITY] Fedora 27 Update: wordpress-4.9.7-1.fc27

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-8fc2cb8cb0 2018-07-14 23:35:16.048315 -------------------------------------------------------------------------------- Name : wordpress Product : Fedora 27 Version : 4.9.7 Release : 1.fc27 URL : http://www.wordpress.org Summary : Blog tool and publishing platform Description : Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora -------------------------------------------------------------------------------- Update Information: Update to 4.9.7 security release. https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance- release/ -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 5 2018 Kevin Fenzi <kevin(a)scrye.com&gt; - 4.9.7-1 - Update to 4.9.7 security update. Fixes bug #1598612 - Fixes CVE-2018-12895 bugs #1595584 and #1595585 * Fri May 18 2018 Kevin Fenzi <kevin(a)scrye.com&gt; - 4.9.6-1 - Update to 4.9.6. Fixes bug #1579584 * Wed Apr 4 2018 Remi Collet <remi(a)remirepo.net&gt; - 4.9.5-1 - WordPress 4.9.5 Security and Maintenance Release * Wed Feb 7 2018 Remi Collet <remi(a)remirepo.net&gt; - 4.9.4-1 - WordPress 4.9.4 Maintenance Release * Wed Jan 17 2018 Remi Collet <remi(a)remirepo.net&gt; - 4.9.2-1 - WordPress 4.9.2 Security and Maintenance Release - drop non-free jshint.js file #1528765 * Thu Nov 30 2017 Remi Collet <remi(a)remirepo.net&gt; - 4.9.1-1 - WordPress 4.9.1 Security and Maintenance Release * Thu Nov 16 2017 Remi Collet <remi(a)remirepo.net&gt; - 4.9-1 - WordPress 4.9 ���Tipton��� - minify patched JS files * Tue Oct 31 2017 Kevin Fenzi <kevin(a)scrye.com&gt; - 4.8.3-1 - Update to 4.8.3. Security release. Fixes bug #1508255 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1595585 - CVE-2018-12895 wordpress: Author users can execute arbitrary code by leveraging directory traversal on the wp-admin/post.php thumb parameter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1595585 [ 2 ] Bug #1598612 - wordpress-4.9.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1598612 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-8fc2cb8cb0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------