Back to wordpress PTS page

Accepted wordpress 3.5.2+dfsg-1 (source all)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 25 Jun 2013 15:52:07 +0200
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.5.2+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 713947
Changes: 
 wordpress (3.5.2+dfsg-1) unstable; urgency=low
 .
   * New upstream release with many security fixes. Closes: #713947
     * Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
     * Privilege Escalation: Contributors can publish posts, and users can
       reassign authorship. CVE-2013-2200.
     * Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
     * Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
     * Content Spoofing via Flash Applet in TinyMCE Media Plugin.
       CVE-2013-2204.
     * Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
     * Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
   * Additional security hardening includes:
     * Cross-Site Scripting (XSS) (Low Severity) when Editing Media.
       CVE-2013-2201.
     * Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating
       Plugins/Themes. CVE-2013-2201.
     * XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.
   * Update the Vcs-Git and Vcs-Browser URLs.
   * Update Standards-Version to 3.9.4.
Checksums-Sha1: 
 abe1dd7ea2c1d0a5961b2648eacd9ada77770b8f 2343 wordpress_3.5.2+dfsg-1.dsc
 0b0ed001dfaf4d9ea10d1cd6bf32c8755b1b098e 4261024 wordpress_3.5.2+dfsg.orig.tar.xz
 8f80c1fc8c0524ac0a6d15e7cd54cd1b6849c3cc 5258120 wordpress_3.5.2+dfsg-1.debian.tar.xz
 661e4b724139dcc44b2b31ef25ab7f62659d5331 4932866 wordpress_3.5.2+dfsg-1_all.deb
 9bf6af1c2b9e47ee80a0f35250c708cc110b7ea9 8818988 wordpress-l10n_3.5.2+dfsg-1_all.deb
Checksums-Sha256: 
 04bc9447d57be1dd7ddd5585120dd254ab631663b5f18a570a35cc8262282106 2343 wordpress_3.5.2+dfsg-1.dsc
 c4403b912ec5154aa2ff67e2b7afa5a4b67dca055e3421cc000212b73e6f1eb4 4261024 wordpress_3.5.2+dfsg.orig.tar.xz
 9e21d3dc6c5dee8bd8e7fe08cba440e34d80d06e1b66c6586ab68d8d680bd4af 5258120 wordpress_3.5.2+dfsg-1.debian.tar.xz
 48807ba99cc996dc3fe550ab99e594231d5b99e64cc140627e9186ea633b4f8d 4932866 wordpress_3.5.2+dfsg-1_all.deb
 8140a6f72b1f99e504db0c42c76141c6b0f89109a41c113836fa06fec36922b9 8818988 wordpress-l10n_3.5.2+dfsg-1_all.deb
Files: 
 404c215f8b82e5e528ec458d957afd28 2343 web optional wordpress_3.5.2+dfsg-1.dsc
 9dcb3e16668d19373ffdf9b0fe2657dd 4261024 web optional wordpress_3.5.2+dfsg.orig.tar.xz
 9639064ce0054cda67e0bec232bd6648 5258120 web optional wordpress_3.5.2+dfsg-1.debian.tar.xz
 44db80b3a87460fbcc8989799376a3e1 4932866 web optional wordpress_3.5.2+dfsg-1_all.deb
 ddd9746396ba0a65fac7a08cba3aa97f 8818988 localization optional wordpress-l10n_3.5.2+dfsg-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Signed by Raphael Hertzog

iQIcBAEBCAAGBQJRybRCAAoJEOYZBF3yrHKaUNUP/jSmImj06ock7ljScmfUN2su
EmSHEwdRVr1kRgdlKwXKShRoJV5LnerIcwe3jCK1X+UoOXZy+dinwQC8u8hog8RP
8pJAXdlaIZHG3pUu5dDj3NdwAEv4y3IoTo8v9sbQ9DhrmJ9FDloZX80U/iiatTdY
qEKEc6L8T0vuz0cdGKQLch+RoYB0jVQLXCqy3ZABsHX6IxQNVjuqZds5NixyZqrx
ONmmctAEpOeUJCW2SSVU8tqn7GmPgHXtMTi0YLwE2i9m0dCMWhJRQAv/FKyiApVK
EnuA6ASVOqAoQh9Ikm2h0Bc4pKpfggciWp8VgrmifDsTqAD/ZSPtWskH2pddOuq4
NZJTNImcBAJXOo6q7ha5cIhk10O89mUcFCkontSUD+MbRcidlXTvsJy7Re4ECvHL
nm7NFoLvUraa1cbbiBfIRFdqAt247bnvV3L4RDQWUx8/tgfFKQSKlroxWiRcXXzZ
Zknoz5UXL9bOAaz2xQu61CR9z4XU3lY9XYIdNeYGSac0RscJKxt+93l06gBTKOG2
xRKQQIAHRXgazUAO/gtxPqVy3fkOJxsxJN26r1Ihn1wk/68pYc6aD+rZATuz+Jmr
HifFPbZzgItw36NcXs49QsqYUAnifdH5g3LDFTx8vZH9KDd6aJ7kseXpLZWqegq2
rhkGrjYxeocyE61Zh7Pq
=dhFx
-----END PGP SIGNATURE-----