Your message dated Fri, 15 Jan 2016 10:18:31 +0000
with message-id <[email protected]>
and subject line Bug#810325: fixed in wordpress 3.6.1+dfsg-1~deb7u9
has caused the Debian Bug report #810325,
regarding wordpress: CVE-2016-1564: Cross site scripting vulnerability
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
810325: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810325
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wordpress
Version: 4.4
Severity: important
Tags: security upstream
Wordpress 4.4.1 is out with the following message[1]
WordPress 4.4.1 is now available. This is a security release for all
previous versions and we strongly encourage you to update your sites
immediately.
WordPress versions 4.4 and earlier are affected by a cross-site
scripting vulnerability that could allow a site to be compromised. This
was reported by Crtc4L.
sid will be easy as its an upgrade to 4.4.1 I'm having trouble figuring
out what changeset is the relevant one. Without that, I cannot pass the
the one changeset out of the 40 or 50 down to the other dists.
- Craig
1:
https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.3.0-1-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 3.6.1+dfsg-1~deb7u9
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 09 Jan 2016 09:13:17 +1100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb7u9
Distribution: wheezy-security
Urgency: high
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Craig Small <[email protected]>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
Closes: 810325
Changes:
wordpress (3.6.1+dfsg-1~deb7u9) wheezy-security; urgency=high
.
* Apply changeset 36185 fixes XSS CVE-2016-1564 Closes: #810325
Checksums-Sha1:
9a4076a13c2adfafeb22a34c3fe06c3279b1b7cd 2319 wordpress_3.6.1+dfsg-1~deb7u9.dsc
3034020698db66e2355d1eb6c1b8c8b0ba252468 5265156
wordpress_3.6.1+dfsg-1~deb7u9.debian.tar.xz
29d58ce27c34315e8cc4fc1518481e1b3948ddb4 3971732
wordpress_3.6.1+dfsg-1~deb7u9_all.deb
a83a8dfd7143b5378cb972a0cccb33a893e8f249 8871420
wordpress-l10n_3.6.1+dfsg-1~deb7u9_all.deb
Checksums-Sha256:
ba29abec9777fedf109a36fad50928e780266b4b95c85003bf40df5d9be9d332 2319
wordpress_3.6.1+dfsg-1~deb7u9.dsc
ab184b9a134143d27cd75c9d70dc33af31c31fe548d2e8d754cb1ba325f780cd 5265156
wordpress_3.6.1+dfsg-1~deb7u9.debian.tar.xz
bcbf22c91c267db0c0d1e1f8f96f82e934b767a5f13dc8c6f3bb8fbe4ee2f582 3971732
wordpress_3.6.1+dfsg-1~deb7u9_all.deb
6397b207cdc1d45bcc7d17d4a3f860103d85b244f12af273203c6fb1588c7871 8871420
wordpress-l10n_3.6.1+dfsg-1~deb7u9_all.deb
Files:
9f7b858be718fa49eff6697a5fcaacea 2319 web optional
wordpress_3.6.1+dfsg-1~deb7u9.dsc
7a173636b5bf044a554e413fd3543059 5265156 web optional
wordpress_3.6.1+dfsg-1~deb7u9.debian.tar.xz
acdfaffa5e965e843bbe3e14c0b0734f 3971732 web optional
wordpress_3.6.1+dfsg-1~deb7u9_all.deb
291aec601ff8ce882dc07efb09822fdc 8871420 localization optional
wordpress-l10n_3.6.1+dfsg-1~deb7u9_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWkW/0AAoJEAIhZsD/PITjyZsP/j8pwNc5y+wT7O8OZXAGzkqP
zWlYG4+qEnd5eWP1a1+Ss4JQILpb64mLYWvaLQaMaXOEbictJmfBHb6FB9LZHVo/
IS0hJbFpp9IO5dGukVoUiLrzdgucP7XmEyFXNqSzApHmb41jjm3FwylPhXfc21wO
rZ4hW2vAVxonjRlnj4StAV38Cu+eh8D6f4DxMJfLOwpLWMHyKYkhMLQkUR3qPYnd
SW7QH3ezXtyBD4//tnJMrxStP1X4YwudYZ7VeYpGfK4sfCh2UiWK5rBvrcKXMnx7
P2iDRncsTbH3eDL6QJwXrVD8Tgdln2jAHqf07aJMYHeI7PZPH+UR+9FW0y3S3elN
cibE+G9zf/udeNUBazAlFg3pVjByHYOofJHybzhWF5jL43L4voEiIVStk9HAQRaU
2KIt8zz8vLMGNyTagrBdq7cPTZvm8fA7m61kBbM+K0M+G46jjMZg8aAm7AIGFAuu
nUoFT2mvc/R9fekjo6RVgjBe09c1Hu3XB75VtiWkTDbjU0wRjqpwGYanqkQU+E4U
TLKj8O9+6dY9EErkKbzAR1GHND4aHVwhHoahIMjXfNwRINOmRXFtZr5pfV64Zln8
5qzMkn06C+n8KIBLmyHfvlJGURPMvZ1AKweUtxdWQc3D/Fu9gjKMBMzAhuG65bPy
ppd09ELiVuXq4VsJioF1
=X4XI
-----END PGP SIGNATURE-----
--- End Message ---
