Back to wordpress PTS page

Accepted wordpress 4.1+dfsg-1+deb8u13 (source all) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 16 Mar 2017 06:19:41 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen
Architecture: source all
Version: 4.1+dfsg-1+deb8u13
Distribution: jessie-security
Urgency: medium
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Craig Small <csmall@debian.org>
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
 wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
 wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files
 wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files
Closes: 857026
Changes:
 wordpress (4.1+dfsg-1+deb8u13) jessie-security; urgency=medium
 .
   * Backport patches from 4.7.3 Closes: #857026
     - CVE-2017-6814
       Cross-site scripting (XSS) via media file metadata.
       Changeset 40155
     - CVE-2017-6815
       Control characters can trick redirect URL validation.
       Changeset 40190
     - CVE-2017-6816
       Unintended files can be deleted by administrators using the plugin
       deletion functionality.
       Changeset 40176
     - CVE-2017-6817
       Cross-site scripting (XSS) via video URL in YouTube embeds.
       Chamgeset 40167
   * Not vulnerable:
     - CVE-2017-6819
       Cross-site request forgery (CSRF) in Press This leading to excessive
       use of server resources.
       Press This introduced in 4.2
     - CVE-2017-6818
       Cross-site scripting (XSS) via taxonomy term names.
Checksums-Sha1:
 9dc6a86e174682f3449cd58be79d84eb3449e13c 2551 wordpress_4.1+dfsg-1+deb8u13.dsc
 c5eb50e0dfa3c2000f77c610c584b8b98d57c0c0 6159176 wordpress_4.1+dfsg-1+deb8u13.debian.tar.xz
 e5fa9d8bdc114d7e49cb0bb515fef4068865d2a5 3173472 wordpress_4.1+dfsg-1+deb8u13_all.deb
 c48ecab5fe72bf8752a08bab77779cd2f093508b 4239634 wordpress-l10n_4.1+dfsg-1+deb8u13_all.deb
 fe4449da60e2f40adaad880081580c44fd464262 502816 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u13_all.deb
 273afa5c639e434a0b0550161c384caed19cf02e 804064 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u13_all.deb
 21d37e2d4c14bccd69b19760fb7e09b2dd12f84d 321664 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u13_all.deb
Checksums-Sha256:
 2b3ac02a5a019fe03e517e1ee27bcbdb96c2bd4eae37cc71b8696798f36fef1b 2551 wordpress_4.1+dfsg-1+deb8u13.dsc
 6b84b39fc797e68864d08bfe6e11f455cc18a5b098d8f93d31f03429c4a368f3 6159176 wordpress_4.1+dfsg-1+deb8u13.debian.tar.xz
 6e79466486a79e1ec9e2e3eabbd33b94332586f69de03ed5b4e09127a80d96db 3173472 wordpress_4.1+dfsg-1+deb8u13_all.deb
 c261fd7e6600ec94c0cddb4c670cbb7a50d2c6d5640211ae1141cd47351ee543 4239634 wordpress-l10n_4.1+dfsg-1+deb8u13_all.deb
 ce299ba16a1a63823640191c63632cef4ff0915d6bf0140401f48f757a33602d 502816 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u13_all.deb
 8f97ecac5f8e7d06b82e6a8b097b43695be4d000b8c5c06012bc99dbc547cfff 804064 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u13_all.deb
 c7b8a9cffbb279f7613b922b64d80bd3adc6b0b621aba2060a2037f330cce3f7 321664 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u13_all.deb
Files:
 5e62aea8c65b5dd7efecf8069cdf6d9c 2551 web optional wordpress_4.1+dfsg-1+deb8u13.dsc
 40e7ac8123a1835746dbdbcbbd604364 6159176 web optional wordpress_4.1+dfsg-1+deb8u13.debian.tar.xz
 b1d97314c1ea13752e2dc6cfc07e928d 3173472 web optional wordpress_4.1+dfsg-1+deb8u13_all.deb
 68df51ca037579fb58cb035345dec217 4239634 localization optional wordpress-l10n_4.1+dfsg-1+deb8u13_all.deb
 2eac51ed1ff368258895e37b504a9e15 502816 web optional wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u13_all.deb
 85a6b8534707e3cdf6e57e333aff3b56 804064 web optional wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u13_all.deb
 654507f743bc36f588eba44bfcafc268 321664 web optional wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u13_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAljMrl4ACgkQAiFmwP88
hOP9mBAAgZPI1aS+zf1Nqp6Za/zWU7gm2aF8pmtyrei7SwcBKiA6b1ohUfwlAomK
3sn7AX92nGcrN1Hq1hqX67sqtt9Z814x/ApskD/W5UtbsD0I4NMKjYzBiyrszaY6
u8ZmHOW4rI05U0LtCK1jOgD8VQk+hdPgZS+uhAbptMzCBBj63jNKFQCO1yIENlYP
aD1k6wWpRuvPa4i4MMB9oKuW9lDtn38OLSQP0N9j8qwaid419v7PykSMf5HuoWwe
Wz7Yg6Rjg1uezqh7AZNGIhsBoWHsO0FpgXDcZ5KqzVuRAUA6fZNkJvxpVuvUGzUC
zPm6zp8jAoiNuBU4FRtQwwZE+ojZvdYfY96Qq2Vp04uT5KiyWUQ2cn+fMh0IYZdj
cpsZRqtJogv+zrtjNNJFUPv2UWk/eeb5G2CYlCQ5EDPckvxkGESOTDRbVotBdWrA
VEisNylJ6WCXwaCXBcZGqbXQInlWIBoC7FfqhV4SaFpI1E3Xy4oHo39acO4ZwQiG
B0HX0PBbC88usTKKQQOpu05O5vDNR8NUrl0dTYf4lUQ1mUCQUqchhg9pYgSA0bZE
BTxg5habvfjhkkPpkwSYBX3TPqCdh70uHMr+2IjVPEODFLEIti4sirc3cPVgY0EG
FPKgJ/5CE60dU+DttWe0PsSOLSh6WxAd3GzCUrugIePzZh5AI18=
=Y0AY
-----END PGP SIGNATURE-----