Bug#813697: marked as done (wordpress: New version available: 4.4.2 (CVE-2016-2221 CVE-2016-2222))

Tue, 16 Feb 2016 14:49:04 -0800 

Your message dated Tue, 16 Feb 2016 22:46:21 +0000
with message-id <[email protected]>
and subject line Bug#813697: fixed in wordpress 3.6.1+dfsg-1~deb6u9
has caused the Debian Bug report #813697,
regarding wordpress: New version available: 4.4.2 (CVE-2016-2221 CVE-2016-2222)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
813697: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813697
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: wordpress
Version: 4.4.1+dfsg-1
Severity: important

Dear Maintainer,

Version 4.4.2 was released two days ago, with the following security fixes:

 *  #36435 HTTP: 0.1.2.3 is not a valid IP.
 *  #36444 Better validation of the URL used in HTTP redirects.

Please consider packaging and uploading this fixed version to unstable.

Thanks.

-- System Information:
Debian Release: 8.1
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.3.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

--- End Message ---
--- Begin Message --- 
Source: wordpress
Source-Version: 3.6.1+dfsg-1~deb6u9

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Markus Koschany <[email protected]> (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 Feb 2016 16:25:44 +0100
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb6u9
Distribution: squeeze-lts
Urgency: high
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Markus Koschany <[email protected]>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 813697
Changes: 
 wordpress (3.6.1+dfsg-1~deb6u9) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Fix open redirection attack CVE-2016-2221.
   * Fix possible Server Side Request Forgery Vulnerability CVE-2016-2222.
     (Closes: #813697)
Checksums-Sha1: 
 cae4f120934d864c79209e39e41c2cac3be5de79 2239 wordpress_3.6.1+dfsg-1~deb6u9.dsc
 29c6eb2ba25526fdfe6f68d6674b5b05c85ab7c1 11039656 
wordpress_3.6.1+dfsg-1~deb6u9.debian.tar.gz
 0dd8a065365b8874ab5f007616aeb2cfe712b79a 4009676 
wordpress_3.6.1+dfsg-1~deb6u9_all.deb
 c36ce842b13588cfa60c823a47c3665706153d60 8871626 
wordpress-l10n_3.6.1+dfsg-1~deb6u9_all.deb
Checksums-Sha256: 
 de32caf6af34ea57707503f403d33883c1bd756f5af8a2003e7e6fcc84b8f77c 2239 
wordpress_3.6.1+dfsg-1~deb6u9.dsc
 c8ac7a7257683caae821f24193395ec5f35baaff1120ae0fd9737cefcdd1b66c 11039656 
wordpress_3.6.1+dfsg-1~deb6u9.debian.tar.gz
 a305b2b4bd4b75e1551268f7a7187c7e86e77b8bf697b578e9a7e941250d9a12 4009676 
wordpress_3.6.1+dfsg-1~deb6u9_all.deb
 fb230b134d588e7c41a868e1ab0b9fb325549c58e9c6ee5a779341a20bb04fb3 8871626 
wordpress-l10n_3.6.1+dfsg-1~deb6u9_all.deb
Files: 
 f6c0775265b2ed68d07b83494cb73484 2239 web optional 
wordpress_3.6.1+dfsg-1~deb6u9.dsc
 644d43af00aecfe589de3d274b789699 11039656 web optional 
wordpress_3.6.1+dfsg-1~deb6u9.debian.tar.gz
 b85a392aaaecb3c860224433845d5ad9 4009676 web optional 
wordpress_3.6.1+dfsg-1~deb6u9_all.deb
 1c4ae81d2be7cede476e563982bc51fc 8871626 localization optional 
wordpress-l10n_3.6.1+dfsg-1~deb6u9_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJWw0yqXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkIEsP/jec530WzrKNcmeWhLC4z3q5
M9TRK6KHuPtK3BaRn4A8Je6fa4bG8j5x1KAEKXiE+/nkkHiTcyQj5yelrgIFixpP
KBchXj6O7V5WTLHZlYCmXYCfa8cajOHA9g2Vsw2K+MeCzvScC6X1v4UQ/HEyUCTJ
QMzuKNweghmyYBRpkvDS17hpwViVFv8GaUnAz68/WHyffWJYRweeilrJq5v1W6zB
9kQwFIBNs7BsSFNjQ7APXwzB0Qbsjd2/1cFSqq70so2UDEu9Yyi8WYzbS18ShbQz
ZHZG9K4SnAsbblPC9XaxHOEcAt2K+T9HL5vu9knnSgg8RG1yQX/0itA7NjKRZl9u
hhJjEQHzHnjektjJl+0Esx/smzEn69O1MTLYpjFv/+yeT2lJtq4CQYv8oIfLDlXb
XicQWf2QyV/a4KPZqBEJnOm8YFvpHuLFtpWonje2himpip0Wk33wJqmvlvrO8Bi9
8SjFbfCbYiFk0k8YZ6qp26a8lijGnRMyMo2kBkBXXhbrbqZcyS3gOGK4um8+i6l+
HLYmsrWN76UHZyRpaiSPUtp/ZC79xBsoVXiaPlE3ggEHFfRaRpvYRFIfnzNcPJrv
eyF/OFFYW2K+VIX+ZhrGgENxDRWiHr/5X2Tc4gb+GyD9A0Ofa8Cjcu+j+q+CSL3L
QnWqjnBB3a/TOyTNuYJa
=7Rm4
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to