Accepted wordpress 2.0.10-1etch4 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted wordpress 2.0.10-1etch4 (source all)
From: Giuseppe Iuculano <giuseppe@iuculano.it>
Date: Sun, 23 Aug 2009 14:03:07 +0000
Message-id: <[🔎] E1MfDf1-00081G-NU@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 15 Aug 2009 11:58:32 +0200
Source: wordpress
Binary: wordpress
Architecture: source all
Version: 2.0.10-1etch4
Distribution: oldstable-security
Urgency: high
Maintainer: Andrea De Iacovo <andrea.de.iacovo@gmail.com>
Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it>
Description: 
 wordpress  - an award winning weblog manager
Closes: 491846 500115 504234 504243 504771 531736 531736 536724
Changes: 
 wordpress (2.0.10-1etch4) oldstable-security; urgency=high
 .
   * [2ef79dd] Removed 010CVE2008-0664.patch, it caused a regression and
     wordpress 2.0.10 isn't affected by CVE-2008-0664. (Closes: #491846)
   * [abbabe9] Fixed CVE-2008-1502 _bad_protocol_once function in KSES
     allows remote attackers to conduct XSS attacks (Closes: #504243)
   * [e8a73eb] Fixed CVE-2008-4106: Whitespaces in user name are now
     checked during login. (Closes: #500115)
   * [8a2e4f9] Fixed CVE-2008-4769: Sanitize "cat" query var and cast to
     int before looking for a category template
   * [711274f] Fixed CVE-2008-4796: missing input sanitising in embedded
     copy of Snoopy.class.php (Closes: #504234)
   * [17c72c0] Fixed CVE-2008-6762: Force redirect after an upgrade
     (Closes: #531736)
   * [88d8244] Fixed CVE-2008-6767: Only admin can upgrade wordpress.
     (Closes: #531736)
   * [d5c02a9] Fixed CVE-2009-2334 and CVE-2009-2854: Added some CYA cap checks
     (Closes: #536724)
   * [80e9dbd] Fixed CVE-2008-5113: Force REQUEST to be GET + POST.  If
     SERVER, COOKIE, or ENV are needed, use those superglobals directly.
     (Closes: #504771)
   * [7f577ca] Fixed CVE-2009-2851: Sanitize HTML URLs in author comments
   * [f23d55f] Fixed CVE-2009-2853: Stop direct loading of files in wp-admin
     that should only be included
Files: 
 d9389cbc71eee6f08b15762a97c9d537 607 web optional wordpress_2.0.10-1etch4.dsc
 45349b0822fc376b8cfef51b5cec3510 50984 web optional wordpress_2.0.10-1etch4.diff.gz
 71a6aea482d0e7afb9c82701bef336e9 521060 web optional wordpress_2.0.10-1etch4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqN5KUACgkQ62zWxYk/rQf2XgCdFV8GR2K1YxsS+LI4qrIQVc+z
FXQAoKs1Tt+JiOHxEEM61EeSOwUpUPhw
=kQoV
-----END PGP SIGNATURE-----


Accepted:
wordpress_2.0.10-1etch4.diff.gz
  to pool/main/w/wordpress/wordpress_2.0.10-1etch4.diff.gz
wordpress_2.0.10-1etch4.dsc
  to pool/main/w/wordpress/wordpress_2.0.10-1etch4.dsc
wordpress_2.0.10-1etch4_all.deb
  to pool/main/w/wordpress/wordpress_2.0.10-1etch4_all.deb

Reply to:

Prev by Date: Accepted user-mode-linux 2.6.26-1um-2+19 (source i386)
Next by Date: Accepted pidgin 2.4.3-4lenny3 (source all amd64)
Previous by thread: Accepted user-mode-linux 2.6.26-1um-2+19 (source i386)
Next by thread: Accepted pidgin 2.4.3-4lenny3 (source all amd64)
Index(es):
- Date
- Thread