FEDORA-2017-338a3f27e5 created by remi 2 years ago for Fedora 24
stable

WordPress 4.7.2 Security Release

WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.7.1 and earlier are affected by three security issues:

  • The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive.
  • WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo).
  • A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-338a3f27e5
This update has been submitted for testing by remi. 2 years ago
remi edited this update. 2 years ago
This update has been pushed to testing. 2 years ago
User Icon adamwill commented & provided feedback 2 years ago
karma

We need this released ASAP. Works fine on 25.

BZ#1417159 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 wordpress: Multiple security fixes in 4.7.2 [fedora-all]
BZ#1417158 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 wordpress: Multiple security fixes in 4.7.2
User Icon pbrobinson commented & provided feedback 2 years ago
karma

works fine el7

BZ#1417159 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 wordpress: Multiple security fixes in 4.7.2 [fedora-all]
BZ#1417158 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 wordpress: Multiple security fixes in 4.7.2
This update has been submitted for stable by bodhi. 2 years ago
User Icon chr77 commented & provided feedback 2 years ago
karma

Works for me

User Icon tenk provided feedback 2 years ago
karma
This update has been pushed to stable. 2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1417158 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 wordpress: Multiple security fixes in 4.7.2
0
2
BZ#1417159 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 wordpress: Multiple security fixes in 4.7.2 [fedora-all]
0
2

Automated Test Results