Accepted wordpress 4.1+dfsg-1+deb8u16 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 06 Jan 2018 20:10:26 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen
Architecture: source all
Version: 4.1+dfsg-1+deb8u16
Distribution: jessie-security
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Craig Small <csmall@debian.org>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files
wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files
Changes:
wordpress (4.1+dfsg-1+deb8u16) jessie-security; urgency=high
.
* Backport securitty patches from 4.9.1
- CVE-2017-17091 Changeset: 42296
Use a properly generated hash for the newbloguser key instead
of a determinate substring.
- CVE-2017-17092 Changeset: 42299
Remove the ability to upload JavaScript files for users who
do not have the unfiltered_html capability
- CVE-2017-17093 Changeset: 42297
Add escaping to the language attributes used on html elements
- CVE-2017-17094 Changeset: 42298
Ensure the attributes of enclosures are correctly escaped in
RSS and Atom feeds
* Additional two patches for security fixes
- CVE-2017-9066
Redirect validation patch from backports
- CVE-2017-16510 Changeset: 42064
Restore numbered placeholders in $wpdb->prepare
Checksums-Sha1:
1751a69404aef2cdbb8a9262f0a1f36399d08a2c 2551 wordpress_4.1+dfsg-1+deb8u16.dsc
05b638902d28f40a5fca94cf5b0181681d7e136e 6171896 wordpress_4.1+dfsg-1+deb8u16.debian.tar.xz
fb4eb4beab8cbe93dd7c360145d4113b86a16866 3176264 wordpress_4.1+dfsg-1+deb8u16_all.deb
97f1440a9a4d358324fb3ff9765bc6bd08f3e057 4241918 wordpress-l10n_4.1+dfsg-1+deb8u16_all.deb
40ffa5f35252774597f98671ffe01d7aa491ed2f 504320 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u16_all.deb
71d2e67d630842b7a90dc39c76742d69e2d4803b 804936 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u16_all.deb
43bf32069ae82a8d0fbcf09f961a56ddcdcda8d6 322572 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u16_all.deb
Checksums-Sha256:
13dee5ef3ef9000291fff99eec655901c39270c60ab9d585360d2e4da97bb6b1 2551 wordpress_4.1+dfsg-1+deb8u16.dsc
d1ee54cdf16229eca486a09babca1db46cfbb86006c58fd74e7ec04ea9eca8b8 6171896 wordpress_4.1+dfsg-1+deb8u16.debian.tar.xz
2d76f29dd37d80fe009c0b1eb8f171b983d3cae3384dd403e9822f6cceb200dc 3176264 wordpress_4.1+dfsg-1+deb8u16_all.deb
011fd6b9c42e0601f92501a9ee95dcf1cd15db8d314fb5fe133ecbcb5d747897 4241918 wordpress-l10n_4.1+dfsg-1+deb8u16_all.deb
6c17ef5545b2720a55100bdd21e09d825cfc00e24ee2227427b160e655a1cf74 504320 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u16_all.deb
741029b76b2be37e3c5329f452301f8f03956b18d37fad77312624a59a548aa0 804936 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u16_all.deb
89b7c116fa05920699f55c19f3f50de64d7cdf674b946f030fdb081a9221f94a 322572 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u16_all.deb
Files:
30cd65d05a58af5d0de2bdd8672ed04b 2551 web optional wordpress_4.1+dfsg-1+deb8u16.dsc
a84fd668bc1b813b4265728cb9371af1 6171896 web optional wordpress_4.1+dfsg-1+deb8u16.debian.tar.xz
32492887ba36c4c8c87dd3094554db04 3176264 web optional wordpress_4.1+dfsg-1+deb8u16_all.deb
f7c36370124c8639d7070150c2578c24 4241918 localization optional wordpress-l10n_4.1+dfsg-1+deb8u16_all.deb
02decb36b5ed2be98774f79f999a15ad 504320 web optional wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u16_all.deb
dd2b1bb5ac752a6fe8cbdb8d4182cc4e 804936 web optional wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u16_all.deb
a6e3b15f0db43a7a5fce1dd40d8192cd 322572 web optional wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u16_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAlpa0LEACgkQAiFmwP88
hOO11g/+L83GBzjuwv6Ead2kUlcRSQ/1QWHVXpFvFE13bcVHpMQFBhxu6MUXlNUr
1/i1DufMCLCGFABtofKjtNhGVREKEieZ3hmqX5QXXVCR4ovpeJ0doi+eOiA3UBxf
ommiHn3zVQqXzUKVC/kmwz1JEbQMlxhoR7teU118vntirOk7pQVzsxOnlwikQxXF
4HLSQdKMKD3a4FvO8YGif2zWAJLFjRJHhgwTAN5fQMVZpYZEXPZv5/HP4zwE3+tn
yX+Ue2CSByjr4tdKYv4hJGpGonEpTCJV/hRM9JJjYZbSxK+Q0UXalYRv1D5CFSeF
E3mcUrnY2YEKwmtmAB34dEzFDX37wSYWHXEbcY96tAn5xM4KZxUz+QI85bfQ3UF+
N3nT2Kcmk07v/jtzwUWd87L0dCHlLrjjLcaAW6xXcalKlJ4FCAAif7a6Waq1WCb6
tY+lgZVHbdIRTZ6bS/jNPtc6y/BThnvDFTBu7zULJkXKAGsjIQOTzFPGaUsY24cq
TAGdYoSxuXRFw+5ltJbWrmVUPHaFpNJugtP/t0NuE2X1piAKb5rMY3zxMCjeVLtW
V/sfCVzdI7eaoyf0vfJh/iqXfDMIwAmYoRAo4WbQXP7pgBKTw1BeHSl3DIhBCY8H
vhwnft0H7b2D/M5j8thfrDM/q3UcILzac2l4a1SXFE4A7UbKQms=
=aOqh
-----END PGP SIGNATURE-----