-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 14 Jan 2017 09:30:12 +1100 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen Architecture: source all Version: 4.7.1+dfsg-1 Distribution: unstable Urgency: high Maintainer: Craig Small <csm...@debian.org> Changed-By: Craig Small <csm...@debian.org> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files Closes: 851310 Changes: wordpress (4.7.1+dfsg-1) unstable; urgency=high . * New upstream release fixes 8 security issues, Closes: #851310 - Cryptographically Weak Pseudo-Random Number Generator - Accessibility Mode Cross-Site Request Forgery (CSRF) - Post via Email Checks mail.example.com by Default - Stored Cross-Site Scripting (XSS) via Theme Name fallback - Cross-Site Request Forgery (CSRF) via Flash Upload - Authenticated Cross-Site scripting (XSS) in update-core.php - User Information Disclosure via REST API - Potential Remote Command Execution (RCE) in PHPMailer Checksums-Sha1: 0032aec2f53c20f836726c969529f3e7692818a4 2539 wordpress_4.7.1+dfsg-1.dsc 800d2ab3d23105dc0495c32f0817d457102ae0c3 6136296 wordpress_4.7.1+dfsg.orig.tar.xz c8273db3b41e99320b410b126e05d7d717ef70b7 6777336 wordpress_4.7.1+dfsg-1.debian.tar.xz 6b6c35ebf0b6f0701225cb7fbc7e3cc890564a0c 4380680 wordpress-l10n_4.7.1+dfsg-1_all.deb 44066478ed8cfe8e56965545fbf402927d523564 699336 wordpress-theme-twentyfifteen_4.7.1+dfsg-1_all.deb 81c260c0aee4fb2c3ee77039d1776cc4e1dd7ef7 939112 wordpress-theme-twentyseventeen_4.7.1+dfsg-1_all.deb 6534b848b139cd79af89b6fcec6e83e0a75fe5b0 588168 wordpress-theme-twentysixteen_4.7.1+dfsg-1_all.deb df5f20256b6fd7045af3f53ee6ea61a1e3aa012c 3967420 wordpress_4.7.1+dfsg-1_all.deb 13c2d9076beaf60a8ce45c396b9b46cc7080d6b7 6475 wordpress_4.7.1+dfsg-1_amd64.buildinfo Checksums-Sha256: 8425eea612e81d2652f1039450c55e83eae1f296236791c130faf45f4620bbf0 2539 wordpress_4.7.1+dfsg-1.dsc 4f53774f40940a625ac0fd08355fa1e3fd09f283744608eeedc496c69d62d2ed 6136296 wordpress_4.7.1+dfsg.orig.tar.xz 611149d60fdc8b2e4e0230da3f414768cd93383914288cfb9023e01b277cf900 6777336 wordpress_4.7.1+dfsg-1.debian.tar.xz 46eaff03a69f3ef404c4f04c99355e82ca5a52c87981278ae7118cfaff9a91c6 4380680 wordpress-l10n_4.7.1+dfsg-1_all.deb 82ebc97296dee4249985d2624d0629853fdec3a244ff43d5a073e5bd410223b9 699336 wordpress-theme-twentyfifteen_4.7.1+dfsg-1_all.deb 0251adc53dd31156565e5182b6ee60a45479c3e48b16a105e5d635bbbc52fc5e 939112 wordpress-theme-twentyseventeen_4.7.1+dfsg-1_all.deb a7b0c5116193b0dcf84e399468305d03a125cd8b8b9dda9aab56082b548121f7 588168 wordpress-theme-twentysixteen_4.7.1+dfsg-1_all.deb 4129164ab506f232c7f80fbcc0013adb952a70a9adc4e3f3eeab3d0fa14f07bc 3967420 wordpress_4.7.1+dfsg-1_all.deb eb521ab65d89d04c0016e69e776bb3da389812efb9e832666c8cf46717292664 6475 wordpress_4.7.1+dfsg-1_amd64.buildinfo Files: 709580fd35a6273f289585c8d1fc592d 2539 web optional wordpress_4.7.1+dfsg-1.dsc 123be1487c274f4695bee56e2fb3dea0 6136296 web optional wordpress_4.7.1+dfsg.orig.tar.xz e5321ab6a0a7e7cc8f6dbc5d4aa748b1 6777336 web optional wordpress_4.7.1+dfsg-1.debian.tar.xz de52e16652539115da533673a762bd1f 4380680 localization optional wordpress-l10n_4.7.1+dfsg-1_all.deb 7c0b5b517dba12456072d1381ff181c3 699336 web optional wordpress-theme-twentyfifteen_4.7.1+dfsg-1_all.deb cbfa0a6a9da0c69a270a031cacaedb6d 939112 web optional wordpress-theme-twentyseventeen_4.7.1+dfsg-1_all.deb 3b8007026136a1a342b556351690a282 588168 web optional wordpress-theme-twentysixteen_4.7.1+dfsg-1_all.deb 4a61d3833f768e87825ce01fbca2d17d 3967420 web optional wordpress_4.7.1+dfsg-1_all.deb 6ae047874dbee8f0f376ac61b0967a04 6475 web optional wordpress_4.7.1+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAlh5Va4ACgkQAiFmwP88 hOM46Q/9GHpXow4I9u7zmqHLqihTqPgl0N8308JFV/nag/BvUHbqTXCvS74yZkmB 2AUJ6TLxnAS93W2soKBiNmE1IqLLp7S//hEY8QpfvkIPkqfFSLSQC1t8DhVJFNVe l6e01wxYesBYvmht3FXsllvuvLqsTlfA7SyUtM03x8Cj4Enpx2yAvabP1yIlmjm2 eeJj/iEoAAM8NSzjcXuBx6LO24vhPZXGe/T5eC0iR224b/0ywrjsFtoeH8sF0H7t doNQDOJq/zOVY5wVcsVU70UbskUSOJiB5FnFv/RHpfTLtLsywaA6tSDL2S6SYovQ MNcr4toK67ZPApp4tUkBApxnLyroMhwI1+HKdxsDN3+8QlY/b8f0f/L1OA1ndLD9 MOgVPZKZteZpBaGnJCcR2D7h7udm4NEjVjkBvPyxoW8kUGNl+DTlESvzHVIm2nFz 0t0aqXJMmb7dDndTQyUfC8WSHIgaljLqOq33vaY+YFioB1WsAbc+1PpcBXYJYE90 zCfzPR8WeJ5iTnegyaLEk30Dz9M/pnKaDAPlFuweTdHR7Jfp1SY978gjtxlXQKQF Rktc330V9ptiPBl+BW0xZ9R0r6Vt1ybza79/9YCFnd5kQo/aensG19AJ36HzEQoU bkZVe3fdq4vPcOq6OSRLJnR7ykThLOJ+i5hjzatbRzUPBQ07j48= =zj9g -----END PGP SIGNATURE-----