Stay Secure with the Latest Linux Advisories

security advisoryfedoracross-site scripting

Fedora 22: FEDORA-2016-4c8956da04 Moderate: WordPress XSS Fix

**WordPress 4.4.1 Security and Maintenance Release** WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be compromised. This was reported by Crtc4L. There were also several non-security bug fixes: * Emoji support has been updated to include all of the latest emoji characters, including the new diverse emoji! 👍👌👏 * Some sites [More...]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-4c8956da04 2016-01-16 10:00:26.012198 -------------------------------------------------------------------------------- Name : wordpress Product : Fedora 22 Version : 4.4.1 Release : 1.fc22 URL : https://wordpress.org/ Summary : Blog tool and publishing platform Description : Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora -------------------------------------------------------------------------------- Update Information: **WordPress 4.4.1 Security and Maintenance Release** WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be compromised. This was reported by Crtc4L. There were also several non-security bug fixes: * Emoji support has been updated to include all of the latest emoji characters, including the new diverse emoji! 👍👌👏 * Some sites with older versions of OpenSSL installed were unable to communicate with other services provided through some plugins. * If a post URL was ever re-used, the site could redirect to the wrong post. WordPress 4.4.1 fixes 52 bugs from 4.4. For more information, see the [release notes](https://wordpress.org/documentation/wordpress-version/version-4-4-1/ or consult the [listof changes](https://core.trac.wordpress.org/query?milestone=4.4.1). -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update wordpress' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- . The recent Fedora update for WordPress 4.4.1 enhances security measures by tackling cross-site scripting vulnerabilities, while also introducing several critical bug resolutions.. WordPress Security,Fedora Updates,Cross-Site Scripting,Software Management. . Severity: Important. LinuxSecurity.com Team

Jan 16, 2016 •Important Fedora