-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 03 Dec 2014 17:49:41 +1100 Source: wordpress Binary: wordpress wordpress-l10n Architecture: source all Version: 3.6.1+dfsg-1~deb7u5 Distribution: wheezy-security Urgency: high Maintainer: Giuseppe Iuculano <iucul...@debian.org> Changed-By: Craig Small <csm...@debian.org> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files Closes: 770425 Changes: wordpress (3.6.1+dfsg-1~deb7u5) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Backport patches for 3.7.4->3.7.5 Closes: #770425 * The patches fix the following security bugs: - CVE-2014-9031 XSS in wptexturize() via comments or posts - CVE-2014-9033 CSRF in the password reset process - CVE-2014-9034 Denial of service for giant passwords - CVE-2014-9035 XSS in Press This - CVE-2014-9036 XSS in HTML filtering of CSS in posts - CVE-2014-9037 Hash comparison vulnerability in old passwords - CVE-2014-9038 SSRF: Safe HTTP requests did not sufficiently block the loopback IP address space - CVE-2014-9039 Email address change didn't invalidate previously sent password reset Checksums-Sha1: c20253a8fb57bbb7ee21b02e45a56f4b72df6845 2319 wordpress_3.6.1+dfsg-1~deb7u5.dsc e7d8a19929661cede1cc16952b4c837f0cc66af6 5248764 wordpress_3.6.1+dfsg-1~deb7u5.debian.tar.xz f74318f890320346775b3cb11a907ccd3a3c9046 3963774 wordpress_3.6.1+dfsg-1~deb7u5_all.deb b95f473d2c20d20d21413733bd1215d06297fc7d 8871382 wordpress-l10n_3.6.1+dfsg-1~deb7u5_all.deb Checksums-Sha256: ca1357404b89b5e5d9062d658bce22b1d86d1c385c8f0ab8318435ad8abe1545 2319 wordpress_3.6.1+dfsg-1~deb7u5.dsc 4ffaeaf4766edd68478f8a9e2d6aa5182a6265b1c79ff27525651b01083503a0 5248764 wordpress_3.6.1+dfsg-1~deb7u5.debian.tar.xz ee286acae3ee7280507b23bd6d9218b61023ede2349ccc9a865624b3cffb77d4 3963774 wordpress_3.6.1+dfsg-1~deb7u5_all.deb 623cd45b8c1c20976cf84397cdc376babc7570b94b5bfc3542cc918cd03bebb6 8871382 wordpress-l10n_3.6.1+dfsg-1~deb7u5_all.deb Files: afa4c48ad2294d72638ca3fabd3451bd 2319 web optional wordpress_3.6.1+dfsg-1~deb7u5.dsc 216db17b0d13b2c82243c79726bc2a9b 5248764 web optional wordpress_3.6.1+dfsg-1~deb7u5.debian.tar.xz cc1201f346a9a2d39f2b60cf498df130 3963774 web optional wordpress_3.6.1+dfsg-1~deb7u5_all.deb 518c9bc812ce553515c4203421fbc85c 8871382 localization optional wordpress-l10n_3.6.1+dfsg-1~deb7u5_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUfrOLAAoJEDk4+WvfUP6ld6sP/RfDjF8LwaXJCPIUxtFV4XxM 6JUspwrpSGFklbkHbSd9qFEKb/9FK1pcSX5Ptvv/R6kAZTB6J9eLdwxR596xBdAy DqCwX9X1Chb30ricjh6AOvfloDyY0y0MCkuZUAvm3aptzfST9vhOZ4W+b5ysWBqX VbiZwi0aoMDJIkpSane9ItGwILt6469ZKXXZp2zXk/riDGZnepAmXC3DMbBSSzOa aHI0u4BfgFUBoHB+Ne7P3CVp3JFp1BdhQ9upDZ/HPY0QWL8NSlibaQv3qyjkkovj G6yc3g2I6W6b2H+PFj7HMOvgN3n/CgKtoLgUT6uU6XkwpP2LzmGfrJaNWYoiL3OK syhSLFAgsijaaXiEZpYr1DMumcS0mOgYI0FVF64r8I66LasBVAglQeRz65GsL/fs bC3LuTZPbT/qzsLJeECqNK9bplY+vyUF33jaybNKvb4BAixQfHqXgyJVSD4fP2Y6 DS2WTcLq4N6wAB4cUuxXrQoXyDBX67ZC9JY1sKOAW7WOOm5+6Ud5+eal/Wi4f0lj 7a0RoqmFkwE3gujBqcOwdtu1zQsIbliOVi0alcLlMTnbdWqtdHgmonNKGYg7UQVn S9j4+qxcZYncwhHncRVosdcvNv1zLVEgPRcegNH06dpQtWCZZ6rN92aDhFYx6SXR nwVI5EqIQyaFgh4GZd94 =O05/ -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xy0jr-0006us...@franck.debian.org