FEDORA-EPEL-2019-bdf81699f7 created by remi 10 months ago for Fedora EPEL 6
stable

Version 5.1.4

Four security issues affect WordPress versions 5.1.3 and earlier; version 5.1.4 fixes them, so you’ll want to upgrade.

  • Props to Daniel Bachhuber for finding an issue where an unprivileged user could make a post sticky via the REST API.
  • Props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where cross-site scripting (XSS) could be stored in well-crafted links.
  • Props to the WordPress.org Security Team for hardening wp_kses_bad_protocol() to ensure that it is aware of the named colon attribute.
  • Props to Nguyen The Duc for discovering a stored XSS vulnerability using block editor content.

This update has been submitted for testing by remi.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago

This update can be pushed to stable now if the maintainer wishes

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
9 months ago

Automated Test Results