Bug#895034: wordpress: versions 4.9.4 and earlier are affected by three security issues

On Sat, 7 Apr 2018 at 05:19 Salvatore Bonaccorso wrote: > Have you requested CVEs for those three new issues? > Yes I have, through SWF with their JSON templates. I'll see how that goes. - Craig -- Craig Small https://dropbear.xyz/ csmall at : dropbear.xyz

Bug#895034: wordpress: versions 4.9.4 and earlier are affected by three security issues

Hi Craig, On Thu, Apr 05, 2018 at 09:12:45PM +1000, Craig Small wrote: > Source: wordpress > Version: 4.9.4-1 > Severity: grave > Tags: security upstream > Justification: user security hole > > WordPress 4.9.5 fixes 3 security issues: > 1) Don't treat localhost as same host by default. > 2) Use

Bug#895034: wordpress: versions 4.9.4 and earlier are affected by three security issues

Source: wordpress Version: 4.9.4-1 Severity: grave Tags: security upstream Justification: user security hole WordPress 4.9.5 fixes 3 security issues: 1) Don't treat localhost as same host by default. 2) Use safe redirects when redirecting the login page if SSL is forced. 3) Make sure the version