Bug#813697: marked as done (wordpress: New version available: 4.4.2 (CVE-2016-2221 CVE-2016-2222))

Wed, 10 Feb 2016 14:24:37 -0800 

Your message dated Wed, 10 Feb 2016 22:20:24 +0000
with message-id <[email protected]>
and subject line Bug#813697: fixed in wordpress 3.6.1+dfsg-1~deb7u10
has caused the Debian Bug report #813697,
regarding wordpress: New version available: 4.4.2 (CVE-2016-2221 CVE-2016-2222)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
813697: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813697
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: wordpress
Version: 4.4.1+dfsg-1
Severity: important

Dear Maintainer,

Version 4.4.2 was released two days ago, with the following security fixes:

 *  #36435 HTTP: 0.1.2.3 is not a valid IP.
 *  #36444 Better validation of the URL used in HTTP redirects.

Please consider packaging and uploading this fixed version to unstable.

Thanks.

-- System Information:
Debian Release: 8.1
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.3.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

--- End Message ---
--- Begin Message --- 
Source: wordpress
Source-Version: 3.6.1+dfsg-1~deb7u10

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Feb 2016 15:40:51 +1100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb7u10
Distribution: wheezy-security
Urgency: high
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Craig Small <[email protected]>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 813697
Changes: 
 wordpress (3.6.1+dfsg-1~deb7u10) wheezy-security; urgency=high
 .
   * Changeset 36435 fixes SSRF for URLs CVE-2016-2222
   * Changeset 36444 improved redirect checking CVE-2016-2221
   * Closes: #813697
Checksums-Sha1: 
 624e3af1186f06fd786b8864951bca48816e0562 2323 
wordpress_3.6.1+dfsg-1~deb7u10.dsc
 476338e9989881e376bec015aed326ea8ff52ad3 5264980 
wordpress_3.6.1+dfsg-1~deb7u10.debian.tar.xz
 bd239e7e31d636b3a5011098ce80a741e125246e 3972044 
wordpress_3.6.1+dfsg-1~deb7u10_all.deb
 ff40d9f5ba6bfccfbb00764000b590f64d1eb500 8871652 
wordpress-l10n_3.6.1+dfsg-1~deb7u10_all.deb
Checksums-Sha256: 
 6b71d3df3e22d6361cd65f89ab69250b5d7aef3179db0634030349608d26fab7 2323 
wordpress_3.6.1+dfsg-1~deb7u10.dsc
 50cfc661d0dc892ba523e47126dc299d20df34e923ca9615c1550731df24609d 5264980 
wordpress_3.6.1+dfsg-1~deb7u10.debian.tar.xz
 3d05566e61037516313511de6db993efdb04be804b794e4f1eb3de9e4d13b9da 3972044 
wordpress_3.6.1+dfsg-1~deb7u10_all.deb
 7779ac2b8a3423c048ca8607fecf2d8c94d21f34acd02db921cce7349552b71e 8871652 
wordpress-l10n_3.6.1+dfsg-1~deb7u10_all.deb
Files: 
 e34e31f98acbb90c2b8b7520d81e5d16 2323 web optional 
wordpress_3.6.1+dfsg-1~deb7u10.dsc
 4b60d1cd42e90ba199ad2e48caeac8c6 5264980 web optional 
wordpress_3.6.1+dfsg-1~deb7u10.debian.tar.xz
 75dbe2992463c7ba2941263f1813b5df 3972044 web optional 
wordpress_3.6.1+dfsg-1~deb7u10_all.deb
 0f7f09520a80382e39032b3683e452b6 8871652 localization optional 
wordpress-l10n_3.6.1+dfsg-1~deb7u10_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWtaBlAAoJEAIhZsD/PITjv7gP/ivSyb+gJRP+UfvJzZ4lR4Oz
tpQku/i3UgBrc+KOKRGEsHSvV0ZEpD8KroJXELj4C2RkHjycTtsw8QKRTwg6f7Ps
JXv9Y8EVphb/MGS3yIRZOl9vfxu3k+ilmNtgfKp8oP/JPoLzYF5MgTZcBjzJ+dAM
Q8wKAw9kB/8NEfDlSuUbOuJ3OeDkjPbjik1Tc09t5eZXUDKa01wBEUQuuBOWF2BT
DQJX+DbeBa+PyyrSfbtPdGPWrFMlIdDUX4uI81riFz6pZcnQJ2VVekmFBsvaa7fT
QgsVqBigp0gsgFp98zQ9TAAYTEnTegJSfg+3FOnjIIJqzAiDceE3HI/bJJELt/LA
TTUzZS6upypBrLNjginxBjTn25xU79Il4+Pp/Vth4XeicglUZvcnosXkLNPobrdr
IE5xBC7q+P7aXVHp9E20kca/YW0lRgd9E5vhs1KVFIVa3zQZtSb9ZqSkYLYf1QJt
4HTPyDDsmWzyK0hauPJz4/kS2NFEolP+KOCylBrwBpYlPSXYyIwPAYXtGbstSi36
eURp+RvDezu6r90n6nxUWBQkp9429e4x8gmeRXt5+DjhHpEPgE/G4uCjOH5IGn+8
4mRJgmoSlRuTfNXi7lWw1or1jA/Ey25h0/nTcv/xpu8OR3NikneFV/5Ko74RCJvZ
9l/Ka/Z44mg21siREwN4
=oMqq
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to