Bug#757312: marked as done (wordpress: 3.9.2 Security Release)

Tue, 12 Aug 2014 15:12:51 -0700 

Your message dated Tue, 12 Aug 2014 22:09:04 +0000
with message-id <[email protected]>
and subject line Bug#757312: fixed in wordpress 3.6.1+dfsg-1~deb7u4
has caused the Debian Bug report #757312,
regarding wordpress: 3.9.2 Security Release
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
757312: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757312
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Source: wordpress
Severity: grave
Tags: security upstream fixed-upstream

Hi

See 

https://wordpress.org/news/2014/08/wordpress-3-9-2/

and in particular 

http://www.openwall.com/lists/oss-security/2014/08/07/3

for the relvant commits associated to the issues. No CVEs are assigned
yet.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: wordpress
Source-Version: 3.6.1+dfsg-1~deb7u4

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Aug 2014 22:42:41 +1000
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb7u4
Distribution: wheezy-security
Urgency: high
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Craig Small <[email protected]>
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 757312
Changes:
 wordpress (3.6.1+dfsg-1~deb7u4) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Import Wordpress 3.9.2 changesets Closes: #757312
   * Changeset 29405 - Ignore entites in XML-RPC
   * Changeset 29390 - Disable entities in ID3
   * Changeset 29384 - Constant time for wp_verify_nonce
   * Changeset 29408 - delimiters on nonce
   * Changeset 29398 - Escape late in get_avatar
Checksums-Sha1:
 e2780d2bb101d9b84143d35e235f1792e3f14457 2333 wordpress_3.6.1+dfsg-1~deb7u4.dsc
 6390491d6b961450df20cef2e12de255bbc44cf9 5157672 
wordpress_3.6.1+dfsg-1~deb7u4.debian.tar.xz
 0ae10404055d32309b8d3e5662418a24dc4c9e6c 3199578 
wordpress_3.6.1+dfsg-1~deb7u4_all.deb
 f4bb505cf10cd174a18362ea3bcf05e78b66d825 3740082 
wordpress-l10n_3.6.1+dfsg-1~deb7u4_all.deb
Checksums-Sha256:
 b231b1d8fd35809a648f89f252e60b9496ea5afcac1c2a273a1a36f8c77cd964 2333 
wordpress_3.6.1+dfsg-1~deb7u4.dsc
 7d751ca5c8731a11302c296ccc49e2f791d41dac86435a1dde3090543a27a05a 5157672 
wordpress_3.6.1+dfsg-1~deb7u4.debian.tar.xz
 5a49c0a90e79fbe9a699a154276ed313e9053994a92fe0d95c9005c88f37f520 3199578 
wordpress_3.6.1+dfsg-1~deb7u4_all.deb
 1fdb498ef189397f8fcae4430a61b781a2b6ab7271950a9d60cef1d782f78613 3740082 
wordpress-l10n_3.6.1+dfsg-1~deb7u4_all.deb
Files:
 855bb5a3d6f293345c10b68d3ba12008 3199578 web optional 
wordpress_3.6.1+dfsg-1~deb7u4_all.deb
 6fa3a5100ab2a7a87533ec7ff6fe4b01 3740082 localization optional 
wordpress-l10n_3.6.1+dfsg-1~deb7u4_all.deb
 13f4355918d8f6cc55903f29c010d444 2333 web optional 
wordpress_3.6.1+dfsg-1~deb7u4.dsc
 ce48b38db5bb2148b32c1e7607faf4d1 5157672 web optional 
wordpress_3.6.1+dfsg-1~deb7u4.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJT5IhPAAoJEDk4+WvfUP6lumkP/jI41a7TkFVDn0UDVB5PCK8/
zkzd+8vy8csxAqUHAkrDNwaJmAxPB3zzi8PCfaoY3q/1QJpAr4I32awthKF4MqmN
zdLH7Pgx8INN3XIltRowq/7xjO0LwfLgJe4/t13hi5zVVIZdcDqRW99pfwxXd/k9
G+yDHzGUhOOYZdqJTVehi0w5WASSbvGPJry6pcQjFS12OGS5AM5zZflrL/rPVqxB
JMfPOfAXBzLa6Dxr+ixmWy3nVz90AUSFLa2s99aruplIUJ8se8/YG9r16mHJ6SBW
n3cEnW0EmDfTIAcjL3ZYb4uqTtddw5jkF/7TbydP3D9RdjIf2lGFFAdZZ2FJwvlh
nQyRwj0fv2vWYnFtpfs/5YJiHECFWlDhsYrB5vp4Q4K9Wo3jquO46CdJFk4BaLch
7gMN6MuWKbkxgqtTmWwtTHS0fs5vKOzYFMjExwfMs0WAhID89La66bUPMjQIMQnv
VVBCFnG+ce7vZROaANUCY3OkgEX9hfhzktezUd+OH4i7dT7O17u7SkHtL5+MeWgO
ffH75IJgpKzlN0N1iBXXrRwUs5t0qO8VVGMkyWVl6TT6XxeiUMcujWaNlDKuC9zV
+PAgV9Rqrg0KpPfEjUFPp9D2Vq7zkETQGtrucszQai+5cIL9F0W+00LfOY/oIZ+a
87v29ls7J7lFgRwfBTm5
=a0mT
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to