Your message dated Fri, 15 Jan 2016 10:17:35 +0000
with message-id <[email protected]>
and subject line Bug#810325: fixed in wordpress 4.1+dfsg-1+deb8u7
has caused the Debian Bug report #810325,
regarding wordpress: CVE-2016-1564: Cross site scripting vulnerability
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
810325: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810325
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wordpress
Version: 4.4
Severity: important
Tags: security upstream
Wordpress 4.4.1 is out with the following message[1]
WordPress 4.4.1 is now available. This is a security release for all
previous versions and we strongly encourage you to update your sites
immediately.
WordPress versions 4.4 and earlier are affected by a cross-site
scripting vulnerability that could allow a site to be compromised. This
was reported by Crtc4L.
sid will be easy as its an upgrade to 4.4.1 I'm having trouble figuring
out what changeset is the relevant one. Without that, I cannot pass the
the one changeset out of the 40 or 50 down to the other dists.
- Craig
1:
https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.3.0-1-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 4.1+dfsg-1+deb8u7
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 09 Jan 2016 08:21:54 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen
wordpress-theme-twentyfourteen wordpress-theme-twentythirteen
Architecture: source all
Version: 4.1+dfsg-1+deb8u7
Distribution: jessie-security
Urgency: high
Maintainer: Craig Small <[email protected]>
Changed-By: Craig Small <[email protected]>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files
wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files
Closes: 810325
Changes:
wordpress (4.1+dfsg-1+deb8u7) jessie-security; urgency=high
.
* Apply changeset 36185 fixes XSS CVE-2016-1564 Closes: #810325
Checksums-Sha1:
2064fa6a526acc6918ea75f59002bd548037795e 2533 wordpress_4.1+dfsg-1+deb8u7.dsc
0e0b64cca4fbf4be98f06c1b1d6520f4e75e4c4a 6116540
wordpress_4.1+dfsg-1+deb8u7.debian.tar.xz
9a9d6b0ddf4bf9cc56280eb91408d1054a85da31 3170052
wordpress_4.1+dfsg-1+deb8u7_all.deb
471f223ed83ef61275239101d26c7030e0ea6e87 4237850
wordpress-l10n_4.1+dfsg-1+deb8u7_all.deb
bb1246535e6f2e04837d5cdcc78cecea9f11353d 501418
wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u7_all.deb
f9998be27c78aea8c1882cb7f84777fe38491546 800650
wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u7_all.deb
420fd542589b8d80e8ff6cd52e7228f77784053d 320280
wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u7_all.deb
Checksums-Sha256:
52ce839fe7e1a1c98815ff3dbfdf2b8d64ba9fc2b9122005003dfb5ad00f0669 2533
wordpress_4.1+dfsg-1+deb8u7.dsc
3412ecb2d6dbdcba25b123b78b55991be19009533fa02311a2ec9e7597f2f701 6116540
wordpress_4.1+dfsg-1+deb8u7.debian.tar.xz
818c70ff00f02ee3dfaff079a9d7ca0a0f18f6a47e792721a1aacfda5f7b9354 3170052
wordpress_4.1+dfsg-1+deb8u7_all.deb
d203430c2a6f4977f5f4de6b5984028d8374d68a94d399c892bc5db433967a74 4237850
wordpress-l10n_4.1+dfsg-1+deb8u7_all.deb
f896ae5dc843c1904ef46d7bd8afd30677b002f08d498b40d438f9fa01cae26d 501418
wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u7_all.deb
a4b2284f3fdb77d3c5ac56a0b989fe2f4b4316fd67f05170dd37296313b29978 800650
wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u7_all.deb
ba63896735ee5e0679ee4141ac1b798e3a579c92f372bd37dcf61fb6985146f1 320280
wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u7_all.deb
Files:
b4ce6bc944d6691ea99abb391c73d6da 2533 web optional
wordpress_4.1+dfsg-1+deb8u7.dsc
6b6b75fff7f83582a31607900a0e3a06 6116540 web optional
wordpress_4.1+dfsg-1+deb8u7.debian.tar.xz
0e30efa3c7345b6f49c09526fe23b4a3 3170052 web optional
wordpress_4.1+dfsg-1+deb8u7_all.deb
d3d049bbfa32d8ee58c7ff55b085cc84 4237850 localization optional
wordpress-l10n_4.1+dfsg-1+deb8u7_all.deb
deaa3df4d45d5c626de3db99d1e9d6ce 501418 web optional
wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u7_all.deb
aa60738cc31322afbf11c9b6f098f431 800650 web optional
wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u7_all.deb
89f0eb71a43be189e1020e03aae6f6a5 320280 web optional
wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u7_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWkXJBAAoJEAIhZsD/PITjT+gP/ApTrfL+iN0qlGt5DgeBl5Nb
Zf1ojnMaZwzfCy0I35PQxad/RitA9d0QSzN2Eh+2f4A2YfZb/7hKjl477sx9kYzr
UKwnRjH2+ilVliKZCoM2oJ73dl/hlQuJXEnA3whOvC5Mx/95YrOE+4ks3KHmnJzL
QNBvIbVWQtJhAz3RUcG+/zTa5agvOJp3tfdqvKQBfH830jnFzzNwP/uwPCHhXB05
3tHCEESKk9HD1XpR1XUm6eBMOE5Fm+VT3WXtIkqhT4/8Xyf6gLKXHVfN01IG7nRJ
1CmRYtxLTWxkHec5UCs0hxtJgd+cbRVBvrDJU3KYqkoszRZjaGzCXCy0o4NWHH4n
LCiMrHz6HnRWbPXgI1wc+fnm6DzESl7UY8IFZ28TS5ZB9zWAD6DO4cFURF+YSHj7
g7wrcM8FXfP9a0eBWN3EUCvrgbjYVGZbsQTkzqbYigqWShzAc/9umpfrMGRaW05d
VZDvgkfg5XtzkvH6LdBXunDvSaSX8H//VrjRf+dldVW9grQximwqbqJh+ToDtYE7
UafMR5OzbUEyI58DUC21y3hNZ7zFY/r5okGu+3WzCMiquvVOlwa1bTRQyW/9SmyN
hFzuP3ojYGwcOYLAMDXfjG0CR3Tz1V4FZj+GlS1s5J5qAu6h4FykvbqE8rzznAX2
qGe4GPQZCH/jOs65aSrf
=VkPy
-----END PGP SIGNATURE-----
--- End Message ---
