Bug#757312: marked as done (wordpress: 3.9.2 Security Release)

Wed, 17 Sep 2014 05:09:35 -0700 

Your message dated Wed, 17 Sep 2014 12:04:25 +0000
with message-id <[email protected]>
and subject line Bug#757312: fixed in wordpress 3.6.1+dfsg-1~deb6u5
has caused the Debian Bug report #757312,
regarding wordpress: 3.9.2 Security Release
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
757312: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757312
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Source: wordpress
Severity: grave
Tags: security upstream fixed-upstream

Hi

See 

https://wordpress.org/news/2014/08/wordpress-3-9-2/

and in particular 

http://www.openwall.com/lists/oss-security/2014/08/07/3

for the relvant commits associated to the issues. No CVEs are assigned
yet.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: wordpress
Source-Version: 3.6.1+dfsg-1~deb6u5

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Holger Levsen <[email protected]> (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 17 Sep 2014 10:24:42 +0000
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb6u5
Distribution: squeeze-lts
Urgency: low
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Holger Levsen <[email protected]>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 757312
Changes: 
 wordpress (3.6.1+dfsg-1~deb6u5) squeeze-lts; urgency=low
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * Changes taken from DSA 3001-1 / 3.6.1+dfsg-1~deb7u4:
     - Import Wordpress 3.9.2 changesets Closes: #757312
     - Changeset 29405 - Ignore entites in XML-RPC
     - Changeset 29390 - Disable entities in ID3
     - Changeset 29384 - Constant time for wp_verify_nonce
     - Changeset 29408 - delimiters on nonce
     - Changeset 29398 - Escape late in get_avatar
Checksums-Sha1: 
 83f6ee5114622faea601220a6a593fbd5f96dd13 2118 wordpress_3.6.1+dfsg-1~deb6u5.dsc
 f70bceabcbeee71ea96d5fb970126a636f6104b9 11017467 
wordpress_3.6.1+dfsg-1~deb6u5.debian.tar.gz
 f2f862575e5da77d6400740663d31ad7bb0b1ed9 3984232 
wordpress_3.6.1+dfsg-1~deb6u5_all.deb
 299fb3a8f876ef6aa7ad6064661e3aac491019ca 8875576 
wordpress-l10n_3.6.1+dfsg-1~deb6u5_all.deb
Checksums-Sha256: 
 51051bab7d45cfc146e68ae90a563319e30800337f8b1328d72fcd8aae1f4435 2118 
wordpress_3.6.1+dfsg-1~deb6u5.dsc
 fbfddb526d88eaec5165956b11a3922e4a8581620f4309eee6f3eb02c7544396 11017467 
wordpress_3.6.1+dfsg-1~deb6u5.debian.tar.gz
 536f731e18e8a673bd9e2644830d21c054f95bbfc8f5d785ce5aef6ced2aa979 3984232 
wordpress_3.6.1+dfsg-1~deb6u5_all.deb
 aa852123dc6cbb38d8a4acc2195384d414d2ba88b157509ccacf516c2d4a13d0 8875576 
wordpress-l10n_3.6.1+dfsg-1~deb6u5_all.deb
Files: 
 f187086bf0facdd86a3c8f6dfce85749 2118 web optional 
wordpress_3.6.1+dfsg-1~deb6u5.dsc
 5dd5fb84f3541a2fb44a0fb75092ae18 11017467 web optional 
wordpress_3.6.1+dfsg-1~deb6u5.debian.tar.gz
 231c3c311a22a22cfacac24ee2f71f9c 3984232 web optional 
wordpress_3.6.1+dfsg-1~deb6u5_all.deb
 71764d58220805db3211c7844e1cf8fa 8875576 localization optional 
wordpress-l10n_3.6.1+dfsg-1~deb6u5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIVAwUBVBlnMwkauFYGmqocAQgyiBAAkh3cpi5mjccAmeuMBMyveSEFSh9mENtW
CO/ajmF5zURSkvP7QKnvDBQ2ImSDFbrvQdrgyHoGtsaDs/YkMJrUGmFM0AbTpQk3
48oBRcVSMkfrT6b+HWEEEXLNu3m6nbDrys8Vm2Xk7b2WcXDE/SeU72x667mEvKrv
2r82Kolnc9c6L1tozeoVCngk+gSq2W63K1r97g6V8GM8WNID948QoIBGj52/ISmG
ac3M53i8KbLe0wwKTTU6GeyMNwhJ8g1PuvtMNAteEhJfvoBCeWySObgsJzYXW5Yr
tRix8jzkP4ey7iIN43yJ+svxkm6IJHFn9hypAEAVFbSZxM3r3WqvUeYSbTG/cl6b
zX9A9KJvaAA0Way5NGF1VVP0xmAGnflris0BxTDem8vwSb16ULYEGqwunlptm+xc
brcZSgVRuQqH8PPuhFUI3soJsPqZ9249pvI0ZgppenCW08BrAEi/0NhQxpu+benE
mFjkVRaOvJQz+FqlnD+vO0+gIDWlWks+Gy5mI22yYv8lrWPlqcw/8FyZC5L472fE
9yHbaPxJfpDkMXOZ76tObbbr0gMckbMz+Dl0l0YcK8+or/XyjzQeLczBpfZDCC71
DcQfrLdsS1mGQKBTRXvlxplZi3bBvStB6ck7M8d4d8ETBStzScT/dFqBdd3JRTAL
P1JOqpXVrcE=
=DnbH
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to