Accepted wordpress 5.0.20+dfsg1-0+deb10u1 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted wordpress 5.0.20+dfsg1-0+deb10u1 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 20 Nov 2023 20:10:26 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: wordpress_5.0.20+dfsg1-0+deb10u1_source.changes
- Debian-source: wordpress
- Debian-suite: oldoldstable
- Debian-version: 5.0.20+dfsg1-0+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=cWnm8fNvCEz5O6iqaCHULPefJrgLomEj0OTm8xvaJiQ=; b=emju8vTyFPfSj8ursezQaz7TAF R31E7NRQRmVkLH0kRci3miG/b1Bf4k8Dz1ac3GX6jqbE2vVRnQkVL2wkq1dXPkm+A1LyuWoE8PI/8 kvn2TnbZ+o6EwVQN48aQzHQaqF0x2ESqjo6oiTay1vSoqFYA1HfolnXb0bk3eA+BHXIVO7+LKwQ9l Ajg3Fj6Fl2Ulbmqa+8eursPySuchNagKbCDmmW0W52/dRIhMwqoZqdRwKYPNGwJ2GEbDzUMXTJm9c FrfphAG/ppxMs6YpjS+dy3fu7/MNpvCDfnQvi4ngs0escS5NZgm3MhOvvPz7dZ90hFPFu5SGXkiUl Dp1at3DQ==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1r5AbC-009sur-QV@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 20 Nov 2023 20:52:51 CET
Source: wordpress
Architecture: source
Version: 5.0.20+dfsg1-0+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
7e2d6fbdde1eed97462a8d9041e908aacbe2e782 2635 wordpress_5.0.20+dfsg1-0+deb10u1.dsc
d27e82319490cc4519cd670a398c0ad4f697883f 10575406 wordpress_5.0.20+dfsg1.orig.tar.gz
0a21a393f240ecdd841962603ae954c8b780a087 6820968 wordpress_5.0.20+dfsg1-0+deb10u1.debian.tar.xz
f5bd71c75ee268c0aec11533fdda64ef8d49df78 7703 wordpress_5.0.20+dfsg1-0+deb10u1_amd64.buildinfo
Checksums-Sha256:
d42d34e765364e6eb313666f2fef8e49342d744988ff0b505d2a43fef966a204 2635 wordpress_5.0.20+dfsg1-0+deb10u1.dsc
0a94298a7dab9e60e6a2a6f53444cb9d52baee6df98e86f91ca468960b2bfc2a 10575406 wordpress_5.0.20+dfsg1.orig.tar.gz
7a042933090449f05a549673fe914cade51be197b4d7f694df289b1f99af5824 6820968 wordpress_5.0.20+dfsg1-0+deb10u1.debian.tar.xz
7566a63aaf7d98c49650d17175421939a128b61d11453cb7fea4dc355f14cd7d 7703 wordpress_5.0.20+dfsg1-0+deb10u1_amd64.buildinfo
Changes:
wordpress (5.0.20+dfsg1-0+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* New upstream version 5.0.20+dfsg1.
* Fix CVE-2023-39999: Exposure of Sensitive Information to an Unauthorized
Actor in WordPress
* Fix CVE-2023-5561:
WordPress does not properly restrict which user fields are searchable via
the REST API, allowing unauthenticated attackers to discern the email
addresses of users who have published public posts on an affected website
via an Oracle style attack
Files:
a2c877aaf35b05b2ff6786e6175bc3e7 2635 web optional wordpress_5.0.20+dfsg1-0+deb10u1.dsc
4ec760992067eabe98b62e6d3ad271e0 10575406 web optional wordpress_5.0.20+dfsg1.orig.tar.gz
20175b36370ee0f6e9f1e4375898dd49 6820968 web optional wordpress_5.0.20+dfsg1-0+deb10u1.debian.tar.xz
038f3a92812f894919201bb408202d7f 7703 web optional wordpress_5.0.20+dfsg1-0+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVbuWhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkuOYP/1bJ+eHHK/knagwqgyUzAxea7c8ctnxU8qbL
HxU6iQclQoxErquy6ieQEGrusAInX5n95xBG7cR8fS0VflIiqGSCcI5OSW/OSruD
YTMwqv20zHhmOKu6daAaf/7hQCDsFmwBat2rv8kkunsvD+257tWuBCAVPTsVXoRj
dNkXivaEG0MR3bE2yo+Py+h444o3VZBDznx94TP1S4nd30yjGF1XT5yM3HIWbnrM
HHNs3LX7ACfZls3ZH1Gg1efE47PvNqiOEszMsf3RBk2UwBYe70+Bnm+87UkT+2vZ
b0ZLWpBG7VASFns7atXjbcV5j+E1iT+nkxDi+br/jfs0r7zhm4qxVlH+hEfGc//a
7U2xnOGxUl4ylZJG21sLYdUdfbemvijlQfwioDlf7nJicdMHyPcxlL1hNNPjYsMN
WVFUVAST3aoUwyEtqIA17ETB6/xlNcl6LUiaj5Ru3YBU/K/lQTAZQb1Xaspsg+gM
+V2pxKTtNef40R1E7VEJWUvX8ylwSGtLdNopaMf4F1wco6THb1GbadrEUmqBfsRz
c+ynFQJXfmZ85BslXuwaJjgluRbnaVjly1Ujw97HFCDWV94SEvYtu3ZgI/v/bgd+
OwK/pwleQdbEzH05Fjk9sHLT7ZVyRZ6UJUwPsRJmhikxYPqERCK2LyPqzlAy5533
2RVc4OHo
=pKZm
-----END PGP SIGNATURE-----