--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-1adca3e938
2023-11-03 18:20:20.954863
--------------------------------------------------------------------------------

Name        : wordpress
Product     : Fedora 39
Version     : 6.3.2
Release     : 1.fc39
URL         : http://www.wordpress.org
Summary     : Blog tool and publishing platform
Description :
Wordpress is an online publishing / weblog package that makes it very easy,
almost trivial, to get information out to people on the web.

Important information in /usr/share/doc/wordpress/README.fedora

--------------------------------------------------------------------------------
Update Information:

**WordPress 6.3.2 - Maintenance and Security release**

This security and maintenance release features 19 bug fixes on Core, 22 bug
fixes for the Block Editor, and 8 security fixes.

Security updates included in this release:

* Marc Montpas of Automattic for finding a potential disclosure of user email
  addresses.
* Marc Montpas of Automattic for finding an RCE POP Chains vulnerability.
* Rafie Muhammad and Edouard L of Patchstack along with a WordPress
  commissioned third-party audit for each independently identifying an XSS
  issue in the post link navigation block.
* Jb Audras of the WordPress Security Team and Rafie Muhammad of Patchstack for
  each independently discovering an issue where comments on private posts could
  be leaked to other users.
* John Blackbourn (WordPress Security Team), James Golovich, J.D Grimes, Numan
  Turle, WhiteCyberSec for each independently identifying a way for logged-in
  users to execute any shortcode.
* mascara7784 and a third-party security audit for identifying an XSS
  vulnerability in the application password screen.
* Jorge Costa of the WordPress Core Team for identifying an XSS vulnerability
  in the footnotes block.
* s5s and raouf_maklouf for independently identifying a cache poisoning DoS
  vulnerability.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 16 2023 Remi Collet remi@remirepo.net - 6.3.2-1
- WordPress 6.3.2 - Maintenance and Security release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2244113 - CVE-2023-39999 wordpress: potential sensitive information exposure from unauthorized actors
        https://bugzilla.redhat.com/show_bug.cgi?id=2244113
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1adca3e938' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------