Your message dated Sat, 28 Jan 2017 22:07:13 +0000
with message-id <[email protected]>
and subject line Bug#852767: fixed in wordpress 4.7.2+dfsg-1
has caused the Debian Bug report #852767,
regarding wordpress: 4.7.2 security release (CVE-2017-5610 CVE-2017-5611
CVE-2017-5612)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
852767: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852767
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wordpress
Version: 4.7.1+dfsg-1
Severity: grave
Tags: security upstream fixed-upstream
Hi
A new wordpress release was announced, marked as security release.
Cf. http://www.openwall.com/lists/oss-security/2017/01/27/2 for the
CVE request for the three issues.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 4.7.2+dfsg-1
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 29 Jan 2017 08:22:44 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen
wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen
Architecture: source all
Version: 4.7.2+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Craig Small <[email protected]>
Changed-By: Craig Small <[email protected]>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
Closes: 852767
Changes:
wordpress (4.7.2+dfsg-1) unstable; urgency=high
.
* New upstream release fixes 3 security issues Closes: #852767
- CVE-2017-5610
The user interface for assigning taxonomy terms in Press This is
shown to users who do not have permissions to use it.
- CVE-2017-5611
WP_Query is vulnerable to a SQL injection (SQLi)
- CVE-2017-5612
XSS in the posts list table
Checksums-Sha1:
7e070ca21294e15a7ad8450dbe1386d42a629f27 2539 wordpress_4.7.2+dfsg-1.dsc
d72547978a92d2629b02ff365bb0946525c994fc 6137000
wordpress_4.7.2+dfsg.orig.tar.xz
5535963bbd19aa6ceac583d97f13a8cebd0a2b0e 6777332
wordpress_4.7.2+dfsg-1.debian.tar.xz
84daf68b40a8018b6fbb536ce7e70dfeadb6c55b 4382802
wordpress-l10n_4.7.2+dfsg-1_all.deb
648c8ad901c0b36befb8d04f1d21cc80332c9bfa 699592
wordpress-theme-twentyfifteen_4.7.2+dfsg-1_all.deb
43debe40af23c6669a96a3a23a4f92ba7bd45914 939326
wordpress-theme-twentyseventeen_4.7.2+dfsg-1_all.deb
204332c140e96be4c2cf489bbfd1a3d30571fd8f 588362
wordpress-theme-twentysixteen_4.7.2+dfsg-1_all.deb
260754b650c461e873d93e327ec5b61cb44abe28 3968852 wordpress_4.7.2+dfsg-1_all.deb
e173a8fdd69286a20738c8fcd8c7c524e24403eb 6271
wordpress_4.7.2+dfsg-1_amd64.buildinfo
Checksums-Sha256:
17d417489d84aed7293426b3151dd01e4e13cff1c25b09c758c61108827280b1 2539
wordpress_4.7.2+dfsg-1.dsc
4803e59e54c47a0324c79fc44ab868c1ff71756ce73dc45c37b3303c3af07714 6137000
wordpress_4.7.2+dfsg.orig.tar.xz
4ad9cc6f64ba2ffcbc2f55f535b1e51acdb19bea21a6b81ba56ce94f5517f98e 6777332
wordpress_4.7.2+dfsg-1.debian.tar.xz
c28180b1448c8c24a6b86f63be30d39d64cce1d9271e51f02187177e249ba8c1 4382802
wordpress-l10n_4.7.2+dfsg-1_all.deb
f3128513019a5239f0b53d0c9a6cfd76b0fb7b63a7800e7e757d28cd230fc898 699592
wordpress-theme-twentyfifteen_4.7.2+dfsg-1_all.deb
20b3b2e34acca79700c7ff3c695f8e6ae6a831438e390f4aa39fa6ee389c1c09 939326
wordpress-theme-twentyseventeen_4.7.2+dfsg-1_all.deb
823bbb7d589d4de223013d5aa082203f4059bb8bbd55b183720658a6bf53e24d 588362
wordpress-theme-twentysixteen_4.7.2+dfsg-1_all.deb
11407af5870054e2511ba3e5e11bbb13bad4c8c9c17a9bc08b72e4013f541f1d 3968852
wordpress_4.7.2+dfsg-1_all.deb
89bf1463c87045823aaa4ca9ef5e2c7a3a52b0b625f02e503d32719ce6aaf2ae 6271
wordpress_4.7.2+dfsg-1_amd64.buildinfo
Files:
1c3388d0ff66bc64b8e51cc88476c53a 2539 web optional wordpress_4.7.2+dfsg-1.dsc
33ae0cbabdf6a44db8c54b028e0ce69f 6137000 web optional
wordpress_4.7.2+dfsg.orig.tar.xz
9c75d330d906949d8ad3b533270391af 6777332 web optional
wordpress_4.7.2+dfsg-1.debian.tar.xz
f9bc629469c43211ba6a45d45382bd5a 4382802 localization optional
wordpress-l10n_4.7.2+dfsg-1_all.deb
07aed14ce69a283bc5647f0392f199aa 699592 web optional
wordpress-theme-twentyfifteen_4.7.2+dfsg-1_all.deb
bef63ab1b7f30dd38a3b3aaa858e86a5 939326 web optional
wordpress-theme-twentyseventeen_4.7.2+dfsg-1_all.deb
c647c0f8566aafe31f5d24741103c831 588362 web optional
wordpress-theme-twentysixteen_4.7.2+dfsg-1_all.deb
dc9d3ad9c6f0d921d8bc8c6f57349cfe 3968852 web optional
wordpress_4.7.2+dfsg-1_all.deb
df3fd7d01518984ecf37c34c86d67d91 6271 web optional
wordpress_4.7.2+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAliNDxAACgkQAiFmwP88
hOMKyxAAlNq0im+QSfmbBhNnBykiomjcNT5UKVDFGN8VOLU/OHiFIpOnUTlbONCX
kIme6UmMtk8yHk3QjHck3yGdw13a+FIa9EO8XoL5X/HIW/EZ9IzM3gzdSIsHUXfq
yflEx3zPDR1iSV+hbJSj5UbYgE3p0YYjtZqthgHOIfk8Xw88GtJpAlTgcKwN90nc
k9JxIPQCVF5dSIQj4vhA+Q/uj61zHmQSCIO8K+XHWSjmj90l5x6LKUAMxfUz0jo7
zy5MGc9Ca5AMwIaVRRM0U3h2rw+2tQ4xKZVjwzm3AHxOtFScicAS7G0/MB7TI4+e
AcZGsUokuDgrt16mbRrsRHd7fY8VOLfOgUEssPwKIpv1KPFKRhmomyZX0rUFC0ao
z8BXy/5i+o0h2zbgbMVvXyPaWlFt+kHGUdsgkKAIl6e4yTgj0ZzTAp4tNBDRvDs9
KYoTLtDjjOPVdHtFvTPaB1TlW3Bj8z/5izgwXPktHV7gDFaYoQAbk5wWH13GjdSW
P8kQIroH8A5Ctp89L46U9J+lHcdlADqCzzXwCSB/0Z6z2C+m2DiGC/fPSLWKKqPa
GrwEoYhqXFSfdnu7Ia+rnOKQzsjEAUXCEhjuSTr05T1aXDGvfVYvL29BL/C5ADEm
kDRDrRd6Itp8tK+3+BffhiP5UkuLaYWvWm64L6CEQNefnK7Oinc=
=PA2m
-----END PGP SIGNATURE-----
--- End Message ---
