Your message dated Fri, 02 Jun 2006 08:17:31 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#369014: fixed in wordpress 2.0.3-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: wordpress
Severity: grave
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The following posting on bugtraq should explain the vulnerability and
it contains an exploit.
http://www.securityfocus.com/archive/1/435039/30/0/threaded
Please check it out. I did not find a CVE# yet.
Thanks and regards,
Daniel
- -- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (850, 'unstable'), (700, 'testing'), (550, 'stable'), (110,
'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15.08060320
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEd01qdg0kG0+YFBERAlFEAJsEabg41Q7NUVzHe2g2w22tDk73+gCfTK05
njG3OLsP9DxabBdIflt5zQ8=
=iXkE
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 2.0.3-1
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive:
wordpress_2.0.3-1.diff.gz
to pool/main/w/wordpress/wordpress_2.0.3-1.diff.gz
wordpress_2.0.3-1.dsc
to pool/main/w/wordpress/wordpress_2.0.3-1.dsc
wordpress_2.0.3-1_all.deb
to pool/main/w/wordpress/wordpress_2.0.3-1_all.deb
wordpress_2.0.3.orig.tar.gz
to pool/main/w/wordpress/wordpress_2.0.3.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Kai Hendry <[EMAIL PROTECTED]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 2 Jun 2006 21:00:51 +0900
Source: wordpress
Binary: wordpress
Architecture: source all
Version: 2.0.3-1
Distribution: unstable
Urgency: high
Maintainer: Kai Hendry <[EMAIL PROTECTED]>
Changed-By: Kai Hendry <[EMAIL PROTECTED]>
Description:
wordpress - an award winning weblog manager
Closes: 369014
Changes:
wordpress (2.0.3-1) unstable; urgency=high
.
* New upstream release
* 'Cache' shell injection vulnerability (Closes: #369014)
Files:
06144cdbfa525d07928220df97744dcb 558 web optional wordpress_2.0.3-1.dsc
0ad0696351cba9ef9b4a3dd97b1f327b 501987 web optional
wordpress_2.0.3.orig.tar.gz
e66ea25152017aa3118fbb14748a90b2 7251 web optional wordpress_2.0.3-1.diff.gz
cf73b23a18d9f891a62d421b94b6fc48 502030 web optional wordpress_2.0.3-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEgEfgK/juK3+WFWQRAovBAJ4xabmrkt+DvF5YXh4iGec25BisdgCeIUSJ
9ufUDrdCzTv3//t/WaLEvPM=
=kbOY
-----END PGP SIGNATURE-----
--- End Message ---
