Your message dated Sat, 28 Dec 2019 08:42:14 +0000
with message-id <[email protected]>
and subject line Bug#946905: fixed in wordpress 5.3.2+dfsg1-1
has caused the Debian Bug report #946905,
regarding wordpress: WordPress 5.3.1 Security and Maintenance Release
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
946905: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946905
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: wordpress
Version: 5.2.4+dfsg1-1
Severity: important
Tags: security upstream
Hi
See
https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
where earlier versions (e.g. 5.2 branch) were as well released with
fixes for these security issues.
As usual, there is not much information provided and likely as well no
CVE requests happened yet (can you take care of it?).
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 5.3.2+dfsg1-1
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 27 Dec 2019 15:18:07 +1100
Source: wordpress
Architecture: source
Version: 5.3.2+dfsg1-1
Distribution: unstable
Urgency: high
Maintainer: Craig Small <[email protected]>
Changed-By: Craig Small <[email protected]>
Closes: 946905
Changes:
wordpress (5.3.2+dfsg1-1) unstable; urgency=high
.
* Fixes some important but non-security bugs.
* Thanks to Nils Radtke <[email protected]> for
their assistance.
* Version 5.3.1 is a security release, fixes several
issues Closes: #946905
- an unprivileged user could make a post sticky via the REST API.
- cross-site scripting (XSS) could be stored in well-crafted links
- hardening wp_kses_bad_protocol() to ensure that it is aware
of the named colon attribute.
- stored XSS vulnerability using block editor content.
* Fix error in CVE-2017-14990 patch where sub-sites cannot
authenticate users. Thanks Connor for your help!
Checksums-Sha1:
3664c4519ea41205d225f954f4a29920d33fed01 2442 wordpress_5.3.2+dfsg1-1.dsc
b1504298d428212b1fa38dc7e13cacca23a23e26 8811360
wordpress_5.3.2+dfsg1.orig.tar.xz
056afc63b3fa3ae6d0faf07ff04b1e51be3f30c9 6821096
wordpress_5.3.2+dfsg1-1.debian.tar.xz
9815ef30cc61621510064acadbd25aa34554c3cc 7157
wordpress_5.3.2+dfsg1-1_amd64.buildinfo
Checksums-Sha256:
e4d667acfc43553eeea14cc9e8f914aa032d3a14dc6661e136dfe3e040246667 2442
wordpress_5.3.2+dfsg1-1.dsc
35c1818771375fc9e60e299ca95ea8e903a0bd5df89a62f8ad3dd675f4109b07 8811360
wordpress_5.3.2+dfsg1.orig.tar.xz
41fe52a3a6000d205500ca2e43055a68cd83b864bd7d3c26bb84c47ca34c8ba1 6821096
wordpress_5.3.2+dfsg1-1.debian.tar.xz
427287fb8fd6a5eff321647bbbd68e12a17c0e5060dd992db99af4dbf2dfd027 7157
wordpress_5.3.2+dfsg1-1_amd64.buildinfo
Files:
b1cfd2f6152e60a302f7c9b062fcc759 2442 web optional wordpress_5.3.2+dfsg1-1.dsc
1e938216aa448497b6f6601a0e5b7943 8811360 web optional
wordpress_5.3.2+dfsg1.orig.tar.xz
e00a1414e0b35e42e94b0538303b99bd 6821096 web optional
wordpress_5.3.2+dfsg1-1.debian.tar.xz
17450c00519c836d9bc6419b6f50bdd5 7157 web optional
wordpress_5.3.2+dfsg1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAl4HCy4ACgkQAiFmwP88
hOOW2A/+K/3NTZnpHgu37B+0D1VS/HWRS5YVTe+RWZjOP9dr4mgt7NYn2vUSBuMu
4F2hROFwF+jWGXfc80FC5A6TJ0CaFCnOcyscgHMFybCv9lnsLDXx3yrZp+/0c5oG
pagmIk9Apf/orraXKV3pX0cV/DwGoQ4ml8/yNsKOUDVUudNWTtCMERjVLq//CGPB
hVZOHsj+u7gYJyQrDMKAQ8sEdwYDw4E+8aU05ZAz+EvCEAHlXGU4ySjvC9Pe0sHS
Qjz8G/DHcXq1M2V/cbJLWn2tLe77a4bFLu+aRfewk8Y+FAfd933YlByr8czTvV/O
7anBc5yr5eefqKkITGu6DdMe67VmC55hzU06xwPw5m4lKGjb1uKCXerKmKFDRWyl
r057Z/4mH4vhjd4nu4yq6EZq+57HqvYtqMfA3i75Xabp+C901GvQAR1jsc8icIKD
GnDPxPk3Uylt9fKpOpXvXjuJJ4sbdS3eTcbg6pWKxbFUrlYzi00UiEe7SXdnXIxg
VPCTs5Pc7iHR2PS/kRISIeMqDJAQ9l5V267t6MtybtMc8jjzcMWtKagjV8oYOT2R
r70kzfk3ipKgh5LUT+PmknUFbmj+NHQ0VUQBW6amUkV1qpKMOfTlkpLr6dDN5uhr
osLK9T+leDVSICJNAKkVeavP51VpkuIU7TbuwNx0E/fMw48PfSw=
=loHe
-----END PGP SIGNATURE-----
--- End Message ---
