WordPress 3.8.2 was released yesterday which contains some important security fixes. This is an important security release and the Debian packages were uploaded to the ftp-master a few minutes ago.
Besides fixing Debian Bug #744018, the release fixes the following two vulnerabilities (as mentioned in the bug report):
- CVE-2014-0165 WordPress privilege escalation: prevent contributors from publishing posts
- CVE-2014-0166 WordPress potential authentication cookie forgery
I recommend if you use the Debian package to upgrade as soon as it is available.
Related articles
- WordPress 3.8.2 Addresses 2 Vulnerabilities, Includes 3 Security Hardening Changes (news.softpedia.com)
- WordPress 3.8.2 now available to download and install (thewayoftheweb.net)
6 thoughts on “Important WordPress update”
Planet Debian: Craig Small: Important WordPress update http://t.co/fAJkXeFV0G
Craig Small: Important WordPress update http://t.co/Z3AKZF3kZS #debian #linux
Craig Small: Important WordPress update: WordPress 3.8.2 was released yesterday which contains some important … http://t.co/HKQNP44Doi
@planetdebian: Craig Small: Important WordPress update http://t.co/9jlyuojrwG #arsipweb
Craig Small: Important WordPress update: WordPress 3.8.2 was released yesterday which contains some important … http://t.co/CBQjEOs21M