subject:"Bug#880528\: marked as pending"

Processed: Bug#880528 marked as pending

2018-01-03 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tag 880528 pending
Bug #880528 {Done: Craig Small } [src:wordpress] wordpress: 
CVE-2017-16510: Unsafe queries with wpdb->prepare
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
880528: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880528
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#880528: marked as pending

2018-01-03 Thread Craig Small

tag 880528 pending
thanks

Hello,

Bug #880528 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


https://anonscm.debian.org/cgit/collab-maint/wordpress.git/commit/?id=88c9ef8

---
commit 88c9ef8afe03dafa9499cf1065d35a0106fe8d71
Author: Craig Small 
Date:   Thu Jan 4 18:26:37 2018 +1100

Restore numbered placeholders

Apply changeset 42058 to restored nuymbered placeholders in
wpdb::prepare()

Fixes CVE-2017-16510

diff --git a/debian/changelog b/debian/changelog
index b18edcf..aec750c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,8 +16,10 @@ wordpress (4.7.5+dfsg-2+deb9u2) stretch-security; 
urgency=high
   Ensure the attributes of enclosures are correctly escaped in
   RSS and Atom feeds
   Changeset 42274
+  * Also backport patch for $wpdb->prepare CVE-2017-16510
+Closes: 880528
 
- -- Craig Small   Sat, 09 Dec 2017 18:13:16 +1100
+ -- Craig Small   Thu, 04 Jan 2018 18:19:44 +1100
 
 wordpress (4.7.5+dfsg-2+deb9u1) stretch-security; urgency=medium

Processed: Bug#880528 marked as pending

Bug#880528: marked as pending

2 matches

Site Navigation

Mail list logo

Footer information