tag 876274 pending
thanks
Hello,
Bug #876274 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
https://anonscm.debian.org/cgit/collab-maint/wordpress.git/commit/?id=2b4ced0
---
commit 2b4ced00f007dafe1813fbdb59dfbb6f64416d9e
Author: Craig Small <csm...@debian.org>
Date: Fri Sep 22 06:28:50 2017 +1000
Update changelog to 4.8.2-1
diff --git a/debian/changelog b/debian/changelog
index 2ebddd7..b7ea231 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,29 @@
+wordpress (4.8.2+dfsg-1) UNRELEASED; urgency=high
+
+ * New upstream security release fixes 9 security issues closes: #876274
+ CVE IDs will be updated when issued
+ - CVE-2017-XXX
+ $wpdb->prepare() can create unexpected and unsafe queries leading to
+ potential SQL injection (SQLi)
+ - CVE-2017-TBA
+ Cross-site scripting (XSS) vulnerability in the oEmbed discovery
+ - CVE-2017-TBA
+ Cross-site scripting (XSS) vulnerability in the visual editor
+ - CVE-2017-TBA
+ Path traversal vulnerability in the file unzipping code
+ - CVE-2017-TBA
+ Cross-site scripting (XSS) vulnerability in the plugin editor
+ - CVE-2017-TBA
+ Open redirect in the user and term edit screens
+ - CVE-2017-TBA
+ Path traversal vulnerability in the customizer
+ - CVE-2017-TBA
+ Cross-site scripting (XSS) vulnerability in template names
+ - CVE-2017-TBA
+ Cross-site scripting (XSS) vulnerability in the link modal
+
+ -- Craig Small <csm...@debian.org> Wed, 20 Sep 2017 22:21:41 +1000
+
wordpress (4.8.1+dfsg-1) unstable; urgency=medium
* New upstream release
