-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 16 Apr 2018 21:05:38 +1000 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen Architecture: source all Version: 4.7.5+dfsg-2+deb9u3 Distribution: stretch-security Urgency: high Maintainer: Craig Small <csm...@debian.org> Changed-By: Craig Small <csm...@debian.org> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files Closes: 895034 Changes: wordpress (4.7.5+dfsg-2+deb9u3) stretch-security; urgency=high . * Backport security patches from 4.9.5 Closes: #895034 - CVE-2018-10101 Don't treat localhost as same host by default. - CVE-2018-10100 Use safe redirects when redirecting login page if SSL is forced - CVE-2018-10102 Make sure version string is correctly escaped for use in generator tags Checksums-Sha1: 6b5695a510b1564d90b4dc69f18be936b41c2df6 2567 wordpress_4.7.5+dfsg-2+deb9u3.dsc ea340714d6db18e575f6b256861b713249f23af5 6790072 wordpress_4.7.5+dfsg-2+deb9u3.debian.tar.xz 0adfb9adc4bff7ceeee08afe2674073297e7c5de 4383450 wordpress-l10n_4.7.5+dfsg-2+deb9u3_all.deb 3eba3041d752c3607b07269369552e792c5edbab 700758 wordpress-theme-twentyfifteen_4.7.5+dfsg-2+deb9u3_all.deb e9060b99b89796befa29825aef5a748c3e14075b 940498 wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u3_all.deb ce83ed58daf077f1e5372b8ad43bb75987341379 589548 wordpress-theme-twentysixteen_4.7.5+dfsg-2+deb9u3_all.deb 02e4f90e9882f2dfc23070502d99bc824e0e4eeb 4001794 wordpress_4.7.5+dfsg-2+deb9u3_all.deb 105836d07c7a0618b8f40af633fced75ffb38508 7445 wordpress_4.7.5+dfsg-2+deb9u3_amd64.buildinfo Checksums-Sha256: a8d8c4d8df547ad5c29ef274751737adcf9d841c3c6d6a55fb9912057c3c1363 2567 wordpress_4.7.5+dfsg-2+deb9u3.dsc ee83a5db1fc83265db8d1fb06d9ae773237c934abc870f8763dea1a286a60532 6790072 wordpress_4.7.5+dfsg-2+deb9u3.debian.tar.xz e83e955a5e5013809401f66fe9e5e564086293695d46f5f02f5fe813f46699ff 4383450 wordpress-l10n_4.7.5+dfsg-2+deb9u3_all.deb 96055dc98335cce11c442eacb7453233c125a46b3aef71e18f78cdd72ad63190 700758 wordpress-theme-twentyfifteen_4.7.5+dfsg-2+deb9u3_all.deb a89398c49334f787d027bc9e1d85f685dbacb8d1cdeec548ca9a6c2bb6c39582 940498 wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u3_all.deb 0b1a30f2a79f5a934b0375d10be9d09d3974959323be1078eda885b8a6ae8b32 589548 wordpress-theme-twentysixteen_4.7.5+dfsg-2+deb9u3_all.deb 08c702f2f5811767478129ea3c8ef4e0b9c46efe9fd2c381cd4baed0b4fb78ad 4001794 wordpress_4.7.5+dfsg-2+deb9u3_all.deb 2258e317ea282a385d498349cc2e0f8cabf68e51a8682431958ca875f9e7e28b 7445 wordpress_4.7.5+dfsg-2+deb9u3_amd64.buildinfo Files: 05d97cf990d1831b428bd1c283aef6c6 2567 web optional wordpress_4.7.5+dfsg-2+deb9u3.dsc 220291c4a904926922abfbce283503aa 6790072 web optional wordpress_4.7.5+dfsg-2+deb9u3.debian.tar.xz 0110a76eaf878305a800db72bf659fe6 4383450 localization optional wordpress-l10n_4.7.5+dfsg-2+deb9u3_all.deb 78d358f3a2a1c52007b319418a582931 700758 web optional wordpress-theme-twentyfifteen_4.7.5+dfsg-2+deb9u3_all.deb 07be591415a201d217a20d0faca11637 940498 web optional wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u3_all.deb 233d57a41b5b14eba3cf719f3785624c 589548 web optional wordpress-theme-twentysixteen_4.7.5+dfsg-2+deb9u3_all.deb 720ef8211916ec8ef1fdb60cf8d37f0c 4001794 web optional wordpress_4.7.5+dfsg-2+deb9u3_all.deb 3495d2302ddc76fbe92a33001463d97a 7445 web optional wordpress_4.7.5+dfsg-2+deb9u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAlrUhN0ACgkQAiFmwP88 hOMQ/Q/9Hs/gt8QR0O70p+0f9GllWF+MwvXYZUTMT4829z88g2HIayLselKJMe1D 48jTZxjhqkai/w8gxgEhQfmcWidoQXRI52FEQcuRdU7XyACfpsHEcBR0x0+ObQ0Z CFG3bwpxJjHj3iJHomD27585VelZh5NKgrvf/k4pFxRhJn77+ZZsqBeFqTVSH5nk deTUAfkcNfMyc+pN+5Nhgr/APCh1WfjNUQqJYpGCsjbK3tQN5ST6wp8zSNGPcMH5 BJFPSLHd2tIHxhAfysEqg+ta97uFDCNPvVspOgVfM6W4uuh9oK0t3hIoq+Bz9h4z VzcJyfs5uRp9lAUgVVCLcJBerYy8sORDBox2O6biFdCRgh8tjpCt8E5A/lXcijt/ TOhNeFYhB/HijMh3hTGiYiqu3rwTLXaFUWdwWlByTabwWZlIOV/Lw5M4Chp+c1fu avTQsG0S9xJbsxdPZLwqSHAmINm40t1UecM9ceAZroYeHru0jdNpxVwwQ/WjVuhV 3VRCpRmTau/huJGTvKXHMB317DV75DcnAuSHgKk09a8V32VWE5BUOCUrTWi06Tra 4n07eFqxxhOh/qmDhZAco9F56+A2GENpk3wXglQZXObaikn6aZa9G479V+o8T6YY mb9ulKBmo7f2NaH/xVrE6zxiUT80b3+OlXpHnHxi3svbpPjV6Rw= =2373 -----END PGP SIGNATURE-----