Accepted wordpress 5.0.1+dfsg1-1 (source all) into unstable, unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 16 Dec 2018 10:45:32 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyseventeen wordpress-theme-twentynineteen
Architecture: source all
Version: 5.0.1+dfsg1-1
Distribution: unstable
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Craig Small <csmall@debian.org>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
wordpress-theme-twentynineteen - weblog manager - twentynineteen theme files
wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
Closes: 916403
Changes:
wordpress (5.0.1+dfsg1-1) unstable; urgency=high
.
* New upstream source. fixes 7 Security issues Closes: #916403
- CVE-2018-20147
Delete files through altered meta data
- CVE-2018-20152
Create posts of unauthorized post types
- CVE-2018-20148
PHP object injection through crafted meta data
- CVE-2018-20153
Edit other users comments, leading to XSS
- CVE-2018-20150
XSS in plugins through crafted URL inputs
- CVE-2018-20151
User activation screen visible to search engines
- CVE-2018-20149
Bypass MIME verification causing XSS
* Themes: Remove twentyfifteen, add twentynineteen and make default
* Remove remote emojis
Checksums-Sha1:
ae9d2317c4dd04e09c87cb31b7e44b4471600222 2435 wordpress_5.0.1+dfsg1-1.dsc
83622d0ea85c9bd5170c0decfb5f106ae6abd409 7835368 wordpress_5.0.1+dfsg1.orig.tar.xz
92e436c5e5cee27f4e5dea396587f4517bd189d8 6817480 wordpress_5.0.1+dfsg1-1.debian.tar.xz
82366286dcceda252c339fd9e87bef9249d2c3a3 4383756 wordpress-l10n_5.0.1+dfsg1-1_all.deb
7fa277e8207a34c7d891c5227a8edf14bcb6e7f2 305372 wordpress-theme-twentynineteen_5.0.1+dfsg1-1_all.deb
87471deac654d63f841de391158bb715abe9c5da 945008 wordpress-theme-twentyseventeen_5.0.1+dfsg1-1_all.deb
d87543a17b53ee26a4cedb2eaa5777ca6e0614cc 593000 wordpress-theme-twentysixteen_5.0.1+dfsg1-1_all.deb
82ab6a6f494edfffa6c77e9dd9dddbe668629381 5994928 wordpress_5.0.1+dfsg1-1_all.deb
2400b27c538189cdeba919373fbc00236b8271d0 7219 wordpress_5.0.1+dfsg1-1_amd64.buildinfo
Checksums-Sha256:
b897c69e10f63270695d079c84fa6a592a425dc0b926b0f20a4e99877a2cae26 2435 wordpress_5.0.1+dfsg1-1.dsc
d05557f8bb374f5ac6bfa2ecd9682862ac7ae3753d6ab246feecccf2c994e8c3 7835368 wordpress_5.0.1+dfsg1.orig.tar.xz
f1c4551357d0d58b9b79ccfc5e196425dfd896a43864805fcd4093fc486f3fc2 6817480 wordpress_5.0.1+dfsg1-1.debian.tar.xz
0f633c61cb6259a3da29fb6c5134f4e20a3cffc13c62a4d8295eb14e63d24479 4383756 wordpress-l10n_5.0.1+dfsg1-1_all.deb
51673d4fe6b47edb367d5c56cb173e40aba09ac5538cefcc0968dae2ef9a913c 305372 wordpress-theme-twentynineteen_5.0.1+dfsg1-1_all.deb
6723cd855fcfa36cb511a1716e6556b3a42ee1dec491132fa8a8eadc7366de0b 945008 wordpress-theme-twentyseventeen_5.0.1+dfsg1-1_all.deb
8ab8b7eb104f95bbe727e45f573ab10c1ee85a52004347cfa678332ccab175be 593000 wordpress-theme-twentysixteen_5.0.1+dfsg1-1_all.deb
933363d13a5fcc4b485a302c40c1dd9b74c2f9d65a5cf43a619f41f8212f5522 5994928 wordpress_5.0.1+dfsg1-1_all.deb
d0e7d4e13b35f3416fdc066974d697b2e018e1a93e9f15862868a9300eda4407 7219 wordpress_5.0.1+dfsg1-1_amd64.buildinfo
Files:
95f15a90e70b8b96981b067a146c73ad 2435 web optional wordpress_5.0.1+dfsg1-1.dsc
847eeb7cce6ed842ba1b3acf3cbe77bb 7835368 web optional wordpress_5.0.1+dfsg1.orig.tar.xz
f398ce1f3903c0b4fa944b2a4bcf4907 6817480 web optional wordpress_5.0.1+dfsg1-1.debian.tar.xz
939f2414a7295e98ffcc4fcdb1ada8eb 4383756 localization optional wordpress-l10n_5.0.1+dfsg1-1_all.deb
6265d0cdf898ddffac8eeb665f32a224 305372 web optional wordpress-theme-twentynineteen_5.0.1+dfsg1-1_all.deb
cd02538b2644ccdf191facf6ba6df510 945008 web optional wordpress-theme-twentyseventeen_5.0.1+dfsg1-1_all.deb
4b9248376c6048f7e955915ae045211a 593000 web optional wordpress-theme-twentysixteen_5.0.1+dfsg1-1_all.deb
54024224ba3e9d74ed7d7ca0333746a0 5994928 web optional wordpress_5.0.1+dfsg1-1_all.deb
ed48c242a25ed23a1cf1df5594a3b580 7219 web optional wordpress_5.0.1+dfsg1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAlwVk6MACgkQAiFmwP88
hON9VhAAhkAV/rxIDJlFcvx81MQsphFqMAl2t9Fvn24bQu/uS0IZKSHK81UC7J04
emj1Ta5ukNETASdfgVqx7t+tyB5PoLOVgclu5P8c9gLyBNuRFX46oBaQD5rIhrJ/
0yMt//xr0ORVZEUIKWEe5aa0ne16oTfjxOQnAA1UdA61kdxkmFu80wcsvyc821xt
DbSCpVR2ZeOc+JpWKWsUJ+avw0tFkHrLLeE2wXfIyNXynja7lQuG4QIDw8zVL/as
bSf21JC3mTXtmrGHMCE/jqkOdyNfBDcrRe89RV8IEC8rBZgjrEP3okxdAdtXvxeY
lufrHH1jwsaTKySwmGzSt+IirDzkTVfl0+cEmAmKZ17guSjPaw8W6m8xT4LDZb97
z5g0Pb882bSx7+pkkKJKRmTA4OaTh6keRwPntoObtro3nr3zJOpFz3XbI3AkVOx5
dbdKubfctzc9kL1Ixul33cPSz8+pySLJTtxrxTHTRvsP8wZqeqtpL6nlMvH6B10Q
Yqpal/7rwL8LH0wai84RtlNESQnZ8f/N5/dUOzY5oFWHfjRlfsB9Q7K9bwrkUKNN
UBSENtUygF+Gb65RbFQPmtu26i7l8yCgAabrMM5DUPqba5yR0R3gbtc2UcbEvKdu
5zel85uU3ItE0xsKEzPJaTFaohmbI8eAyGAs3ry875pJDdxMmeI=
=8hGf
-----END PGP SIGNATURE-----