Back to wordpress PTS page

Accepted wordpress 4.7.19+dfsg-1+deb9u1 (source all) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted wordpress 4.7.19+dfsg-1+deb9u1 (source all) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 01 Nov 2020 16:10:16 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1kZFvs-00059Q-CK@seger.debian.org>
Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 01 Nov 2020 17:23:01 +0530
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen
Architecture: source all
Version: 4.7.19+dfsg-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
 wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
 wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
 wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
Changes:
 wordpress (4.7.19+dfsg-1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * New upstream release 4.7.19.
     - CVE-2020-28039: Protected meta that could lead to arbitrary
                       file deletion.
     - CVE-2020-28035: XML-RPC privilege escalation.
     - CVE-2020-28036: XML-RPC privilege escalation.
     - CVE-2020-28032: Hardening deserialization requests.
     - CVE-2020-28037: DoS attack could lead to RCE.
     - CVE-2020-28038: Stored XSS in post slugs.
     - CVE-2020-28033: Disable spam embeds from disabled sites
                       on a multisite network.
     - CVE-2020-28034: Cross-Site Scripting (XSS) via global variables.
     - CVE-2020-28040: CSRF attacks that change a theme's background image.
   * Disable patch (CVE-2020-4050 regression) that is applied upstream.
Checksums-Sha1:
 305f0e86f8c9960a0d2a648b1c0bf3d819d05219 2603 wordpress_4.7.19+dfsg-1+deb9u1.dsc
 23f3c6db49fff82bb010a754920d803c2ef8c68b 6254824 wordpress_4.7.19+dfsg.orig.tar.xz
 6851f52ff63b92e1786b2e755e86c8ad2bc3ec84 6783012 wordpress_4.7.19+dfsg-1+deb9u1.debian.tar.xz
 e199258b71efc4b388f7952e3f65c16115f66aa7 4385270 wordpress-l10n_4.7.19+dfsg-1+deb9u1_all.deb
 ed6104325dc2ad7a906365970539d571580371f0 702690 wordpress-theme-twentyfifteen_4.7.19+dfsg-1+deb9u1_all.deb
 baa9792d5e093f964a3f58de61730a735ed4e39f 942492 wordpress-theme-twentyseventeen_4.7.19+dfsg-1+deb9u1_all.deb
 c49d724b77de8d058cfe78725d163f34cb9085f4 591330 wordpress-theme-twentysixteen_4.7.19+dfsg-1+deb9u1_all.deb
 ba062bfc57dc6500c8b0e417e02bf90f2a71b6c7 4010744 wordpress_4.7.19+dfsg-1+deb9u1_all.deb
 08842090e35863b9df7a727c2050bd68905e0889 7882 wordpress_4.7.19+dfsg-1+deb9u1_amd64.buildinfo
Checksums-Sha256:
 e3994503096ae78335fb774d7e95e747c5ba9ddf27df6050ca5e5ab999a815db 2603 wordpress_4.7.19+dfsg-1+deb9u1.dsc
 8f38223900586dafa85b804f880b1d7748c14131ee0e4901f2fc97b5c0ec9872 6254824 wordpress_4.7.19+dfsg.orig.tar.xz
 f9a9d934467bcb9cac5c86a0937dc80d6476bdf985503cca4e4d5548407265b9 6783012 wordpress_4.7.19+dfsg-1+deb9u1.debian.tar.xz
 ebce7eb0884fb1e4e4694a4760db44c72b284a19813233029cfe8afd314a4bf8 4385270 wordpress-l10n_4.7.19+dfsg-1+deb9u1_all.deb
 4fb5cd9761ea2c788e0350ea03b1f60c2cd18a3570581c39d8c7134bf962e102 702690 wordpress-theme-twentyfifteen_4.7.19+dfsg-1+deb9u1_all.deb
 263102decc5844ac83e6195b413b2a32fae379f1ebe8ea010ec34a342d324c44 942492 wordpress-theme-twentyseventeen_4.7.19+dfsg-1+deb9u1_all.deb
 cbae2e7815c451be578d8e71ba413611190c8c6666ff8c030ff5633e914f37f9 591330 wordpress-theme-twentysixteen_4.7.19+dfsg-1+deb9u1_all.deb
 46b5e1f19c9416f91ba7349aeee89b16e02715a6ab3218afa3b42ac2b17a6a00 4010744 wordpress_4.7.19+dfsg-1+deb9u1_all.deb
 f7f85ad79b0b705e0c551d8c82f1843dc4645632d89a1387dcb31aced69f13be 7882 wordpress_4.7.19+dfsg-1+deb9u1_amd64.buildinfo
Files:
 83e52b4378b0e5bcaa265d9f06b140f4 2603 web optional wordpress_4.7.19+dfsg-1+deb9u1.dsc
 f7ff519c6b1c811a441f1ce28df8751b 6254824 web optional wordpress_4.7.19+dfsg.orig.tar.xz
 09433eb7d8dbe4afce5005799a4555ff 6783012 web optional wordpress_4.7.19+dfsg-1+deb9u1.debian.tar.xz
 e2a78282cec9b5ef4f2addd77f127a87 4385270 localization optional wordpress-l10n_4.7.19+dfsg-1+deb9u1_all.deb
 6ff77114250faa8f740c9f69c4047cc4 702690 web optional wordpress-theme-twentyfifteen_4.7.19+dfsg-1+deb9u1_all.deb
 d06a54ed1a6e53a35e6cdb5e75120867 942492 web optional wordpress-theme-twentyseventeen_4.7.19+dfsg-1+deb9u1_all.deb
 7a4c18f50aea27e3edc381cc4631afd4 591330 web optional wordpress-theme-twentysixteen_4.7.19+dfsg-1+deb9u1_all.deb
 11b562a9e4e029d8e89a3be3b4e3f542 4010744 web optional wordpress_4.7.19+dfsg-1+deb9u1_all.deb
 61180866d5f9f39bd4265e9815828155 7882 web optional wordpress_4.7.19+dfsg-1+deb9u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl+euC8THHV0a2Fyc2hA
ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlojYEACkgx6ZjMf8wgzyRHmgChNnw7vs3Aku
bn3ZXWmQZVrbxbaNZadjgAtWIx1IJcTBs3uFN7txK0EiS6NrlkrzgRTocHC+3RYR
oG7RMbt75YvqKOU32l6vE8GElXqKfXcKPmusyQ088NrKg3RWysnyhP+zIb5RzzQh
AS3ZqanyiFruMFYo2BQC7tWhZ6A0saHn3Su+7WJQHri0geM9HZACrl/oB1cglZPB
uWMg8J/onUgGOJEymP0QLTURDmH4dvTSny6r6ALCrlxLUSRBI1F0U3IJiQiBjF7O
zFPRTHPOY9U08O1D316JZ5Ac57sOFO797x94ZGYj2bHQZ/9s+LHCWzB9d1CgxeV/
c85XbZ6z34wbFUj4tLQSR6p4f/iZilreVp+TQzGjepAaYb3jJUiJih8s/KnzXGbw
cCj0u/iOPPI45hrTrC0wl3BcKo0rWdp93gAhhgBfOn2WbfCLYVnnaEcGPD2Qk1S4
PqxxtU21fsg3C2+9K3eAHEO3oG/Z2YbwimpbF5g6pVHz6YFrRQQ+TBzZF+lNyFcG
iubeDnzWhfd1vernD+mbkYo7QysTNcvq4kwqFBesooT/mQp5WhX4IdyzOnpgS2Zf
+kx/Y9xrctG3RjeFKctHC3T+lWWcAFEI6E+zO18+mzk4Qcgc2iORg88NflWBHHbB
/TfQ/2e8QhHpEA==
=AVqY
-----END PGP SIGNATURE-----