-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 22 Sep 2017 21:57:06 +1000 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen Architecture: source all Version: 4.8.2+dfsg-1 Distribution: unstable Urgency: high Maintainer: Craig Small <csm...@debian.org> Changed-By: Craig Small <csm...@debian.org> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files Closes: 876274 Changes: wordpress (4.8.2+dfsg-1) unstable; urgency=high . * New upstream security release fixes 9 security issues closes: #876274 CVE IDs will be updated when issued - CVE-2017-XXX $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) - CVE-2017-TBA Cross-site scripting (XSS) vulnerability in the oEmbed discovery - CVE-2017-TBA Cross-site scripting (XSS) vulnerability in the visual editor - CVE-2017-TBA Path traversal vulnerability in the file unzipping code - CVE-2017-TBA Cross-site scripting (XSS) vulnerability in the plugin editor - CVE-2017-TBA Open redirect in the user and term edit screens - CVE-2017-TBA Path traversal vulnerability in the customizer - CVE-2017-TBA Cross-site scripting (XSS) vulnerability in template names - CVE-2017-TBA Cross-site scripting (XSS) vulnerability in the link modal Checksums-Sha1: cbc9ef4979b73c5d7777d9fa848d6150025eb1d3 2539 wordpress_4.8.2+dfsg-1.dsc a171c3eea4d19bd8dcf38e1133fd73aff5b1e6ca 6382228 wordpress_4.8.2+dfsg.orig.tar.xz 5b4304532f23b2e9f6ceb67d73dcf3a991a3e9de 6778320 wordpress_4.8.2+dfsg-1.debian.tar.xz 889414276026e65d95eab25d9016be33abcbb289 4381636 wordpress-l10n_4.8.2+dfsg-1_all.deb 98a870d255adfe319c8c6f5b9bc701d96afb75db 700400 wordpress-theme-twentyfifteen_4.8.2+dfsg-1_all.deb 48352fd64a2bcfb1265c9075c81c0ead24b4406a 940386 wordpress-theme-twentyseventeen_4.8.2+dfsg-1_all.deb ffcb61aa538ff63f39f837039a280a089ff1a7e7 589080 wordpress-theme-twentysixteen_4.8.2+dfsg-1_all.deb 5dccbb4344649df3f1d720c4a3d6d2493b046146 4140230 wordpress_4.8.2+dfsg-1_all.deb 38a97910927bfec86664e92a25e38f0efa312723 7190 wordpress_4.8.2+dfsg-1_amd64.buildinfo Checksums-Sha256: 2397c07e18b9dade3135ec95b7114f0e99d5da779a042107b4a68945be94bc01 2539 wordpress_4.8.2+dfsg-1.dsc 221c082e1b43fefd698cb6ec83d2c26c9098d2dad2cd4380eb9090aafdebe4da 6382228 wordpress_4.8.2+dfsg.orig.tar.xz 0635de07449e30868f1ddfda0e69d0055ad6589d8ff199c48c724abc731f1bb3 6778320 wordpress_4.8.2+dfsg-1.debian.tar.xz cb182e54602b69494933587e47e0919bb993002b3b0888953b1b812642d310ee 4381636 wordpress-l10n_4.8.2+dfsg-1_all.deb c642ca89b5779f62359e6783930651745b09504f19307c75f395e0c6083f87c9 700400 wordpress-theme-twentyfifteen_4.8.2+dfsg-1_all.deb 68605f8548ece394f88683a9eb8f8ec5da1271428aeaa2855556d8b56eecdd31 940386 wordpress-theme-twentyseventeen_4.8.2+dfsg-1_all.deb c94314de632f3f445d4157a1135c32a43e7f2dd56595f5e28ce659f9a132a788 589080 wordpress-theme-twentysixteen_4.8.2+dfsg-1_all.deb 21260644b2c5e3bd10f0f538699521cef23ff4b9c3772b331f69936c341e31d0 4140230 wordpress_4.8.2+dfsg-1_all.deb 73d9a41d62b6055fcd3b6cc24f764d05cfd60a7bd7ca8070f6ed700d24697b72 7190 wordpress_4.8.2+dfsg-1_amd64.buildinfo Files: 2d39b59b9dc4e09a32ff339359687fe7 2539 web optional wordpress_4.8.2+dfsg-1.dsc 1f1cc2fafa694a196b9a9c152521d93e 6382228 web optional wordpress_4.8.2+dfsg.orig.tar.xz 2c7cef8f928dd7ca33635034f10f8068 6778320 web optional wordpress_4.8.2+dfsg-1.debian.tar.xz d1c904be0e422e9588079bb3d036f3c4 4381636 localization optional wordpress-l10n_4.8.2+dfsg-1_all.deb f4f7cf58b3e037e0aaf60aceef0ef56a 700400 web optional wordpress-theme-twentyfifteen_4.8.2+dfsg-1_all.deb f16d70eeebcc1719e71eee7753899e6e 940386 web optional wordpress-theme-twentyseventeen_4.8.2+dfsg-1_all.deb aab8a72df9a764df4f118f3451028d22 589080 web optional wordpress-theme-twentysixteen_4.8.2+dfsg-1_all.deb 643427935a7561a188cd72f9431ffffc 4140230 web optional wordpress_4.8.2+dfsg-1_all.deb d8d3b6579df2fc9d8711cf5de76d5f94 7190 web optional wordpress_4.8.2+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAlnE++AACgkQAiFmwP88 hON4Ew//RU83/CXuE/7AX4iHg7sADWXzauRLtwMUicYgC18Tdyv93eMdCyzF4OTj KyotwLMaTSByJbYTFZy7mOqtTBPsjgD/UWJumLZ0o53g4MSR5RKNrzqB/5pXy9Rj 1eZ9XOSgeejDBNQk6eDPYG7HBDWAkMMzg62UbP2HYcOMB4UJIPW+Q1i7awMX8Mcq URIZhJoapBrfaYJvwOQPkCHFMJL9CozfKvTCNOBsg3TBGwNxQNUjOgL56oNGUiHG TkpooVlb3pwsjPJ1Qtpa/kwn+sV7+fiQF48ZTLzmkdm5TT/toe6dXJB/lO839UB8 jr2e774OHbwAXv82H9QLAhnPZjY11vLRXL5TnZe8r4Mz0Gupc9aaAD5ZMVcbI56M /Q45w6YbFes/MguaREC/Fz3RnMgqD2wsRV9d1ypTveH5WruFR8ceaqLOw4HVFq+9 ywWwO68GBx7F81OFgUEXvYzI59cX8GPLuLUaHOo27VTeUh8pzz9z7Dy/WJUpmSuL cYmbGpny5mBAyxChWejIXcaXrLU69mlviv7zUs87n1MBfaDbxZTwNLt6w33UGZps tRV1S6GrZU9oDh/B4Yu/XOdIl5mHzKt86i0cC7/MKDpkC2G8cIzgh3uvidKs801l xEds/YAz0EfzLIDMRHqqgixL/m0GRIAxk3gWzkPtHH/842/36ss= =oKrM -----END PGP SIGNATURE-----