Bug#880528: marked as pending

Craig Small Wed, 03 Jan 2018 23:33:24 -0800

tag 880528 pending
thanks

Hello,


Bug #880528 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    
https://anonscm.debian.org/cgit/collab-maint/wordpress.git/commit/?id=88c9ef8

---
commit 88c9ef8afe03dafa9499cf1065d35a0106fe8d71
Author: Craig Small <csm...@debian.org>
Date:   Thu Jan 4 18:26:37 2018 +1100

    Restore numbered placeholders
    
    Apply changeset 42058 to restored nuymbered placeholders in
    wpdb::prepare()
    
    Fixes CVE-2017-16510

diff --git a/debian/changelog b/debian/changelog
index b18edcf..aec750c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,8 +16,10 @@ wordpress (4.7.5+dfsg-2+deb9u2) stretch-security; 
urgency=high
       Ensure the attributes of enclosures are correctly escaped in
       RSS and Atom feeds
       Changeset 42274
+  * Also backport patch for $wpdb->prepare CVE-2017-16510
+    Closes: 880528
 
- -- Craig Small <csm...@debian.org>  Sat, 09 Dec 2017 18:13:16 +1100
+ -- Craig Small <csm...@debian.org>  Thu, 04 Jan 2018 18:19:44 +1100
 
 wordpress (4.7.5+dfsg-2+deb9u1) stretch-security; urgency=medium

Bug#880528: marked as pending

Reply via email to