Back to wordpress PTS page

Accepted wordpress 6.0.3+dfsg1-1 (source) into unstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 24 Oct 2022 21:10:11 +1100
Source: wordpress
Architecture: source
Version: 6.0.3+dfsg1-1
Distribution: unstable
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Craig Small <csmall@debian.org>
Closes: 1022575
Changes:
 wordpress (6.0.3+dfsg1-1) unstable; urgency=high
 .
   * New security release Closes: #1022575
     - Stored XSS via wp-mail.php (post by email)
     - Open redirect in `wp_nonce_ays`
     - Sender’s email address is exposed in wp-mail.php
     - Media Library – Reflected XSS via SQLi
     - CSRF in wp-trackback.php
     - Stored XSS via the Customizer
     - Revert shared user instances introduced in 50790
     - Stored XSS in WordPress Core via Comment Editing
     - Data exposure via the REST Terms/Tags Endpoint
     - Content from multipart emails leaked
     - SQL Injection due to improper sanitization in `WP_Date_Query`
     - RSS Widget: Stored XSS issue
     - Stored XSS in the search block
     - Feature Image Block: XSS issue
     - RSS Block: Stored XSS issue
     - Fix widget block XSS
Checksums-Sha1:
 6e3033625b985932e381f0870c7063a937666fa5 2394 wordpress_6.0.3+dfsg1-1.dsc
 c6ff2a7cf5f42f559f251eb81b022d08d50dcd3b 15482868 wordpress_6.0.3+dfsg1.orig.tar.xz
 3504f9040003a78162bb39d74016edcd48a4674c 6825356 wordpress_6.0.3+dfsg1-1.debian.tar.xz
 9ff0284030824a60dbf793fa28b3b4114cb89234 7781 wordpress_6.0.3+dfsg1-1_amd64.buildinfo
Checksums-Sha256:
 d4c403fda1a7396d2a8350afb37e8326df8e61b27846ac092478dd451b1a39ca 2394 wordpress_6.0.3+dfsg1-1.dsc
 5f10b256f9072d35a4cb241a804610026d804d5bb448fcd99590d63cce03dd7a 15482868 wordpress_6.0.3+dfsg1.orig.tar.xz
 b322f85cb4bf966da6398507abe3f5da069d7441eae153ee5395a9a421cb1c32 6825356 wordpress_6.0.3+dfsg1-1.debian.tar.xz
 81987f14a8c77a6a679a28d475d42ca3af52bb72b07783d8081d15955060c2a4 7781 wordpress_6.0.3+dfsg1-1_amd64.buildinfo
Files:
 2f158f9757c884dd81a2db45bbf3610c 2394 web optional wordpress_6.0.3+dfsg1-1.dsc
 ec603996838c8011c6f726bc5662890b 15482868 web optional wordpress_6.0.3+dfsg1.orig.tar.xz
 6bb40bf7793df5550a9a2a723e633e68 6825356 web optional wordpress_6.0.3+dfsg1-1.debian.tar.xz
 a89336dae10033593f0b01e5713d6f7c 7781 web optional wordpress_6.0.3+dfsg1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAmNWZVQACgkQAiFmwP88
hOOKcxAAoUSklfkAAH3MSA5aHR+sQPzL9AENK4CAjIs3fm+mzlmHwM7xH7+XyFQq
JRdaASddiTD2gsAoDKHvSIu7ScQcK+CvG1342FX/vgs7tJkyWBCdDnWvPHfQaTW6
DcdWOADtZDca60qowQDJOrTsINr7/Mwi6pEOnSRPP42pZ2kJufCQu3lptyjdEvYZ
H74tuHxzZc4kkuSgsy6dTGq0D8PQYtf1UMrW871PxqKtl9oMBVA2yLrf0cxqr53C
26udn5U3nvKtkgfWzITC9a6n3DIROc0wuotKpmsnedunCslRoY+KaPfmSNDjN8hn
AebwlkWQ+rcTBPSDePT27ljFcBLIakAXoqB9YnIUhh+X7nl6Cik3lO9mGuG2E3Hc
tojVzVrJX3RYecfi3JzZY/N0B/s951EYg3+isxCBz4aTJ8v+ZlIB3iiFIDQlinGH
rwBa2TGLyXIOKtuZ1dorOD/0uZmZzNw+NMlaVJ/7mUax1AHlQyDqhDyvncE9qbZj
V6NwZm4WE4HsBlgsxLMn2T2Cz+Tu0NQhiRhPliF1lVqCv7gAQ86utqf7fIKt+Kv3
MZec3XsDXSlkKSX2ngL89Mn2fKxOM0+68VMYvHXasi8PYe7K3rSnK8K9QWLqNdF8
nYsiLxUOipKgAzAxxKMTWk3HPpamRfyAC1AIopps+TFwc7huCjI=
=dEFt
-----END PGP SIGNATURE-----