Bug#813697: marked as done (wordpress: New version available: 4.4.2 (CVE-2016-2221 CVE-2016-2222))

Wed, 10 Feb 2016 14:25:11 -0800 

Your message dated Wed, 10 Feb 2016 22:18:26 +0000
with message-id <[email protected]>
and subject line Bug#813697: fixed in wordpress 4.1+dfsg-1+deb8u8
has caused the Debian Bug report #813697,
regarding wordpress: New version available: 4.4.2 (CVE-2016-2221 CVE-2016-2222)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
813697: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813697
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: wordpress
Version: 4.4.1+dfsg-1
Severity: important

Dear Maintainer,

Version 4.4.2 was released two days ago, with the following security fixes:

 *  #36435 HTTP: 0.1.2.3 is not a valid IP.
 *  #36444 Better validation of the URL used in HTTP redirects.

Please consider packaging and uploading this fixed version to unstable.

Thanks.

-- System Information:
Debian Release: 8.1
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.3.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

--- End Message ---
--- Begin Message --- 
Source: wordpress
Source-Version: 4.1+dfsg-1+deb8u8

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Feb 2016 15:13:23 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen 
wordpress-theme-twentyfourteen wordpress-theme-twentythirteen
Architecture: source all
Version: 4.1+dfsg-1+deb8u8
Distribution: jessie-security
Urgency: high
Maintainer: Craig Small <[email protected]>
Changed-By: Craig Small <[email protected]>
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
 wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
 wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files
 wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files
Closes: 813697
Changes:
 wordpress (4.1+dfsg-1+deb8u8) jessie-security; urgency=high
 .
   * Changeset 36435 fixes SSRF for URLs CVE-2016-2222
   * Changeset 36444 improved redirect checking CVE-2016-2221
   * Closes: #813697
Checksums-Sha1:
 ec5b7b222f44f2514fd520ea14424d29d409262d 2533 wordpress_4.1+dfsg-1+deb8u8.dsc
 4b55b240b748df7f721213504dd51814fe61cee6 6117108 
wordpress_4.1+dfsg-1+deb8u8.debian.tar.xz
 824b3b7c595c8bad513aadeed62b9d2026afc13c 3169462 
wordpress_4.1+dfsg-1+deb8u8_all.deb
 5425f65784cf77d756961aa5d8e994c367a1a471 4239094 
wordpress-l10n_4.1+dfsg-1+deb8u8_all.deb
 f66a93a4b1b2553365947f5132f6ff1855fa8922 501516 
wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u8_all.deb
 8432cbe09c25041bc1fd4f74148b60cff44bbfb0 800680 
wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u8_all.deb
 8b4b4f9603a30ef76f7cda64125027161def6aa8 320306 
wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u8_all.deb
Checksums-Sha256:
 19b8f53b002dd56d0e620e74cc87800cfe174d04cf24b651fb1acc1c0273e276 2533 
wordpress_4.1+dfsg-1+deb8u8.dsc
 e78b3bdb71910eb14c02c5c86e5c905cd6f1fe613b8ffaaff274962879b80639 6117108 
wordpress_4.1+dfsg-1+deb8u8.debian.tar.xz
 fe8a7abda8f17466e486f45c331aec91f627aadc79ab6d1bd81916827fcddccc 3169462 
wordpress_4.1+dfsg-1+deb8u8_all.deb
 fa393650ec16c3dc8e0b0c08dc49d2d5eeef3447d39b96755405b2749bac35aa 4239094 
wordpress-l10n_4.1+dfsg-1+deb8u8_all.deb
 cba2e6e8d26e7209e935be1deaeb0d39bc8aed11fb632381ae34e07ebb69436d 501516 
wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u8_all.deb
 a838355fb7b0e047e19852c0bda904f061f070202a9f2ac0a71054e6e48cdc57 800680 
wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u8_all.deb
 95c93c18b535a08b3a3e4d712a7f24bcdb0a35d0ac6d308e978fa376dae83413 320306 
wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u8_all.deb
Files:
 0d41430f19ddaca26446adfef0476b2a 2533 web optional 
wordpress_4.1+dfsg-1+deb8u8.dsc
 c2f3f36a4eedbca31beb55d575f88f85 6117108 web optional 
wordpress_4.1+dfsg-1+deb8u8.debian.tar.xz
 1692e417216724943e4158b9910bf9e9 3169462 web optional 
wordpress_4.1+dfsg-1+deb8u8_all.deb
 31ee69de5c524f374760434b14fb1dc8 4239094 localization optional 
wordpress-l10n_4.1+dfsg-1+deb8u8_all.deb
 a7a71bc73b5a3c2b333538431d20c926 501516 web optional 
wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u8_all.deb
 a24e026c011b460582b8e38e7f477bf0 800680 web optional 
wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u8_all.deb
 d3e155f8b0947af07df57fc125279f58 320306 web optional 
wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u8_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWtk1PAAoJEAIhZsD/PITjUP4P/ApbKbDQWbiUrh/jZU2ecXZP
f525u7vJUBcKvQuWjRpSZgXGdf54rK8alaHRCAMr5t8OUBlFCB2gk4Cmhhldb07s
jpPSQJZWwnAmfcTg1aEj5uNHt8lZ/hpohcRL9WXnsCj6XYn7CUvD/CKb7TWF0mkJ
TiSBFTb0AxtO8iF3ZEJoA6uaTP8YG2qrChS7N2McYKXa9qvHh4r1vtTu3E1Bh8Bm
PLH5DnOxd2WAfedJhiZJkhM0zASJv/V9y+o1vFZl7OwmiVY1TSZdim1UPm/Bbuuy
Y8b2wPnbl93rtJ9hQ/YQ92I+nUqT4Ne4IQnSgMxajhrXNWvoa5qnTyLFh7LbLZ+6
jf5tvizAt5hRwmgwcMFDjS1riErKjLdmQziMlQUSbI4EcrEkacc1aHWB4PNlMOWo
fo24G4KU1XOmwzUzQex04ivs3S7RIf89nXd78wApSrnKnZIGITrSiIBhZqbXOSnd
KpcJTp13jENZR5feVnS9gU/fFbfPfGwaKRZgjo/R2x4ssBc56ML4LLJNPXwe8kXA
LjJWYelcJCxIPposETyl7LCWO6vdkuQ1jlTfZjD/ZEBHnpa/qN9tA9gzuNTeAYz9
vGH/ya4h5x0mlehvClFwVjvkUlzEEa4b9rD2ma1mt2asFVmu1yIH/MTdyFFCQX2J
Yahp1VXZzXP6C67apc8C
=YS+P
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to