Your message dated Tue, 04 Aug 2015 13:21:15 +0000 with message-id <[email protected]> and subject line Bug#794560: fixed in wordpress 4.2.4+dfsg-1 has caused the Debian Bug report #794560, regarding WordPress 4.2.3 and earlier multiple vulnerabilities to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 794560: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794560 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message --------BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: wordpress Version: 4.2.3+dfsg-1 Severity: grave Tags: security, fixed-upstream This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandà of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset. For more information please see: https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/ http://openwall.com/lists/oss-security/2015/08/04/5 - -- Henri Salo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJVwLJNAAoJECet96ROqnV08QwQAMJvwXTWaHZssqXCPTo77H1R vXHSu865JrpSjZkBruXA3yJzqefL8u1bCtxAMn1xIMYKCoweHvQyhce1ipBLM5NG CT9XGZUUPrvjAkiwNSkWnwm475ixH8AdsZvUXqQY5Yb2QcA/KBAPjMfu5IS12FTM PN3fg3OKOYgJlaVAzai/He1IMakzPyH9l+7NCa8lr1upJIJ1v5xyMzfTzyZ9hZnW dcpWFcP5/MjvkTGtqyDtc0s/Q5qHJPQEYYGvQTrGo9yo567t6xzjuVSHwWUhnlTT C41RV0VbjpPefhFcuR51wt0mMy77TB+DJh8lMl5XH5zQCE4/YjCPZ356I1EnKJ7g /2Xj0JbovF0b+eK+Xr+7VW8j8npf9gx2QALiQnFXS8EuaE4Aap2xxpDHLlqJiSl2 xK/+u67EnkkO1KRpztMNcSyUxEulQQZnEMD151Sg+8SanbfF5H4cHzea5zf8keTm EtPQ+48loWFe1N1c11xPgKLYU5SqOz5puwKqkzftD4mhnYarUrlulPy+enMVrM0o kMCnIyJWwo90pu3PGs4eT4XLsoxeyZMBJMjo2F6g4+eywl1/Hcw/qKMWi2Cau9IY GYm1KAZXl+X57heGyYj2nmZLidx3D8lX1ypGUtSXkIZ3EU5lZ2ZpGSPxONoYptkg 8HjdESDayI1Z6aHajdj7 =5NXI -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: wordpress Source-Version: 4.2.4+dfsg-1 We believe that the bug you reported is fixed in the latest version of wordpress, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Craig Small <[email protected]> (supplier of updated wordpress package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 04 Aug 2015 22:48:41 +1000 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen Architecture: source all Version: 4.2.4+dfsg-1 Distribution: unstable Urgency: high Maintainer: Craig Small <[email protected]> Changed-By: Craig Small <[email protected]> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files Closes: 794560 Changes: wordpress (4.2.4+dfsg-1) unstable; urgency=high . * New upstream release * Security fix for 3 XSS and a SQL injection bugs Closes: #794560 Checksums-Sha1: 38515bf49ac2a75604e1fec91017051799a36de9 2519 wordpress_4.2.4+dfsg-1.dsc 851f3ceaf4ee7506f7ab722c0bdfc830aa01d4e6 4830380 wordpress_4.2.4+dfsg.orig.tar.xz 4377a25ecb4abc1acf50e0ff77ad67cf79bdf8d0 5981300 wordpress_4.2.4+dfsg-1.debian.tar.xz 3b6d475177f65145489233952fee3d67fcfdad18 4238728 wordpress-l10n_4.2.4+dfsg-1_all.deb 932f47c2baf5204f0adb80149e739bf23beb9134 502126 wordpress-theme-twentyfifteen_4.2.4+dfsg-1_all.deb 3550154e789cb20755d3299a89646b968de877e5 800700 wordpress-theme-twentyfourteen_4.2.4+dfsg-1_all.deb 3bd082e7b2d8d02006f205c491de20cc955c1f2c 320144 wordpress-theme-twentythirteen_4.2.4+dfsg-1_all.deb cb2cf7a82acb2fcb77dc7e06e72ed0decafc6a85 3247758 wordpress_4.2.4+dfsg-1_all.deb Checksums-Sha256: c8018ebec491c9c73fbe9ee355f6878debdaa9716284145cacde9f9e43c5546f 2519 wordpress_4.2.4+dfsg-1.dsc d31f9eb50b48f461899a49e161da4208a5d82881baf55b7601bace295fcec68b 4830380 wordpress_4.2.4+dfsg.orig.tar.xz 4815ca969507dc06413f9242527a7875b6a7bab7fc36c930d669ad1177de81ad 5981300 wordpress_4.2.4+dfsg-1.debian.tar.xz 005a5b3e46ef6a3f7342d3f000365f7c545749166a70617c1cd8e41e5fbcf632 4238728 wordpress-l10n_4.2.4+dfsg-1_all.deb 24103dd1a21c67bd552faa571ebd544a3c842b1731425f1c38d229f0052d0c66 502126 wordpress-theme-twentyfifteen_4.2.4+dfsg-1_all.deb 60bda0ed6ff350f17712f2d081cf6dc17c2dab835cae63524ec3d925a8f67e49 800700 wordpress-theme-twentyfourteen_4.2.4+dfsg-1_all.deb 34b655e6a061aa1d8d69670ade16b1abd9ee8dfe0c15657f89df4a2f72c43cb2 320144 wordpress-theme-twentythirteen_4.2.4+dfsg-1_all.deb 0126617a1f08a317c3daaa4a38c48d6ddabc6a2e2d757d0fbcb3f37cc3784826 3247758 wordpress_4.2.4+dfsg-1_all.deb Files: 4d3cb013468c9da68eacc9bb2ef554b4 2519 web optional wordpress_4.2.4+dfsg-1.dsc 7806a08b8c6ecdd8a329859aa8164b27 4830380 web optional wordpress_4.2.4+dfsg.orig.tar.xz 170ca64dfbbb31abd3f796f6d33a6eb6 5981300 web optional wordpress_4.2.4+dfsg-1.debian.tar.xz 44d1e53ecd85319deefedd5b1529cd26 4238728 localization optional wordpress-l10n_4.2.4+dfsg-1_all.deb bd1e6b6c2a44d7ba4a75f4edd69866c0 502126 web optional wordpress-theme-twentyfifteen_4.2.4+dfsg-1_all.deb 709d67ec557b616398e245bfefa80633 800700 web optional wordpress-theme-twentyfourteen_4.2.4+dfsg-1_all.deb 49adc0406feabe191497d34e8b2f2ebe 320144 web optional wordpress-theme-twentythirteen_4.2.4+dfsg-1_all.deb c4c85cc795c5b8ecd7e0823e5c335765 3247758 web optional wordpress_4.2.4+dfsg-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVwLXCAAoJEDk4+WvfUP6lMJMQAKWqfWu2aRSTP7CwcHoagOae QRfRy0fLZj9kyHe9q/AAWIuJkZCxQvZpaItUUH2GC5qHtjDnAQIhOnpxtSfLojnW 8mwD0PUwCuSINejvqszCTdNOo9+XWlpI05+gz1iB4omN5cbC9Kv+180f4yUWkzRQ y+R9D8Yic6MUMKcjR0S6dge7uf3BoaSraDh8cerbZfinnrXlcX/BkPzj9l7gJFiX yyhcqEdbXyT5KReoHS+uvn4831Y6aa5AWZMAsbWRwxk4LAQg6DqvWYOYk2O2vA2p dkleDPg4/cKeTI8FUCk77E5M/R0ahUncaicp4WJSbkT+FM0APyhO6Y10LGbk5E6r dqoi3V1Okf0WGecFA0wqPJQK4PiyBzdnvCEzi1f86qfgTdTwAKezZtnUfupCIuBc KEuCY+1Vy/VXISMEgImyvZMJ2bRyOOD2xYYDt/WAzJczmqU9V9Z7+isF2HjPOAte okBdBSGJhWFX9+4WMu3iuO5vq4LqSsoQw1Qo5H12Wu4YBV62LfWRBvGHSL1fDTEx y+g+lFpJ2oL74Y3q7/SDCE6PooQ4mES47iu5PRBInPjQgfbTBxM+1tvvNUcVWVCY Xr80kDk2SR9dYS4cHL3gaTgKnNrQ9Z0q2tIN+PE1elmyRyuEturD7FFg7+27hM5U 0TDKVZYbvsxXWmiSKAXB =RnDL -----END PGP SIGNATURE-----
--- End Message ---
