Accepted wordpress 3.0.2-1~bpo50+1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 12 Dec 2010 22:47:41 -0800
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.2-1~bpo50+1
Distribution: lenny-backports
Urgency: high
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Matt Taggart <taggart@debian.org>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
Closes: 490977 496240 500295 500296 501507 504242 506685 507356 507981 511312 514447 514845 517969 517969 531736 531736 533387 536724 537146 539411 541102 541199 541371 544473 549436 551380 551841 555729 556902 561832 566224 585784 586764 590859 591195 602732 605603 605880
Changes:
wordpress (3.0.2-1~bpo50+1) lenny-backports; urgency=low
.
* Rebuild for lenny-backports.
.
wordpress (3.0.2-1) unstable; urgency=high
.
[ Raphaël Hertzog ]
* [9d6922c] Improve wp-config.php to support sites on subdomains and
htaccess by providing directives ready to uncomment
.
[ Giuseppe Iuculano ]
* [1dc32d3] Imported Upstream version 3.0.2 (Closes: #605880)
- Author level SQL injection vulnerability fixed (Closes: #605603)
* [b4f2869] Refreshed debian/patches/001readme.patch
* [612c23f] Remove flv_player.swf from manifest.php (Closes: #602732)
.
wordpress (3.0.1-2) unstable; urgency=low
.
* [e8a913f] Remove swfupload.swf from the binary package, as it cannot
be built from source, violating the Policy. (Closes: #591195)
* [92493d0] Document in Readme.Debian how to get swfupload.swf
* [3663a53] debian/get-upstream-i18n: download also configuration
files for RTL-languages (Closes: #585784)
* [8bbdc8b] Added a missing define in debian/wp-config.php (Closes: #590859)
* [34dd063] Updated language files
* [adf55b3] Install *.php configuration files for RTL-languages
.
wordpress (3.0.1-1) unstable; urgency=low
.
* [e6e4f09] Updated watch file
* [12dd7cd] Imported Upstream version 3.0.1
* [7f03621] Bump to standards-version 3.9.1, no changes needed
.
wordpress (3.0-1) unstable; urgency=low
.
[ Giuseppe Iuculano ]
* [a57d26e] Imported Upstream version 3.0 (Closes: #586764)
* [a74cd68] MU: enable multi-user by default and install the proper
blogs.dir directory
* [ffd926e] fix the blogs.dir link
* [c81081d] Adjust MU setup for Debian installations
* [c14dd9d] Update language files
* [6a7296f] Added Raphaël Hertzog in Uploaders
* [7ea24ff] Updated watch file
.
[ Raphaël Hertzog ]
* [2d1df3e] Update patch debian/patches/001readme.patch
* [58a772e] Update patch debian/patches/003installer.patch
* [332abfc] Update patch debian/patches/006rss_language.patch
* [ee99544] Update patch debian/patches/008CVE2008-2392.patch
* [b960914] Refresh patch debian/patches/009CVE2008-6767.patch
* [511eea7] Refresh patch
debian/patches/010disabling_update_note.patch
* [22c5015] Refresh patch debian/patches/manifest.patch
* [7cfe147] Switch to source format 3.0 (quilt).
* [8c86759] Add back the default theme that has been dropped upstream
* [390188e] Adjust links and rules to cope with removal of
scriptaculous/prototype.js
* [1313b13] Add package prefix to many debian/ files for clarity
* [c4e7651] Switch to dh7 tiny rules file and general cleanup of the
build process.
* [625cdbb] Updated Vcs-Git/Vcs-Browser to point to the collab-maint
repository.
.
wordpress (2.9.2-1) unstable; urgency=low
.
* [3f228c1] Imported Upstream version 2.9.2
* [7965955] Bump to Standards-Version 3.8.4 (no changes)
* [e86fd59] Updated language files
.
wordpress (2.9.1-2) unstable; urgency=low
.
* [4a7279a] Fixed the security id in wp-admin/menu.php (Closes: #561832) -
thanks to Franck Nouyrigat
* [aa0f3a0] Allow site names with dash character. (Closes: #566224) -
thanks to Mikko Visa
* [ee0a44e] Updated language files
.
wordpress (2.9.1-1) unstable; urgency=low
.
* [a83b8fd] Imported Upstream version 2.9.1
* [216890e] Added ${misc:Depends} in Depends
* [ec95986] Updated language files
.
wordpress (2.9-1) unstable; urgency=low
.
* [fdd001e] Change wordpress-l10n section (localization)
* [625fa21] Imported Upstream version 2.9
* [dd9b536] Refreshed patches
* [1ce2a9d] Do not remove anymore plugins/wordpress/js direcotry
* [3287ec5] Updated language files (Closes: #556902)
.
wordpress (2.8.6-1) unstable; urgency=low
.
* [cf87b24] Updated debian/watch (Closes: #555729) - thanks to Hideki
Yamane
* [997165e] Imported Upstream version 2.8.6
* [05395e1] debian/wp-config.php: sanitize $debian_server and do not
check if $debian_file is under /etc/wordpress (Closes: #549436)
* [dc016ce] Updated language files
.
wordpress (2.8.5-1) unstable; urgency=high
.
* [b0ebbe1] Imported Upstream version 2.8.5 (Closes: #551841)
- This version fixes CVE-2009-3622, Wordpress Trackback DoS
* [cad0da2] Updated languages files
* [e8438f2] Use /var/log/apache2 directory in the apache example file
(Closes: #551380)
.
wordpress (2.8.4-3) unstable; urgency=low
.
* [dc295db] Provide a more descriptive errror message if the vhost
config file is not found. (LP: #365783)
* [c23192a] Depend on libjs-jquery >= 1.3.3-1 (Closes: #544473) -
thanks to Arnaud Guiton
* [fd27308] Updated debian/copyright
* [94ad7d3] Split up the language files into a separate package
* [08334d7] Updated language files
* [6682ab3] Updated my email address and removed DM-Upload-Allowed
control field
.
wordpress (2.8.4-2) unstable; urgency=low
.
* [e582ddd] Removed reference about drag.gif in manifest.php, thanks
to Michel Meyers (Closes: #517969)
* [a0d70c8] Do not symlink readme.html, instead install it in
/usr/share/wordpress
* [e81e4c3] Depend on tinymce (>= 3.2.6-0.1) and added a proper
symlink to the tabfocus plugin
* [0492b02] Added a note in NEWS and README.debian about the secondary
consequence caused by the previous fix for a possible script
injection via /etc/wordpress/wp-config.php
* [6a3c803] Updated language files
.
wordpress (2.8.4-1) unstable; urgency=low
.
* [5f0812d] Imported Upstream version 2.8.4
* [e1ea94b] Switch to quilt
* [cf8904e] Removed Andrea De Iacovo from Maintainer field, thanks
Andrea for the prior work on wordpress!
* [6013bd8] Removed 007_REQUEST.patch, upstream already fixed CVE-2008-5113
in a better way
* [8da39ea] Removed 004languages.patch, it contains outdated languages
files
* [d5696ea] debian/control: Updated Vcs control field
* [89316e0] debian/rules: Comment the DH_VERBOSE export
* [cf78bf5] debian/wp-config.php: check if $debian_file is under
/etc/wordpress and mitigate a possible script injection via
/etc/wordpress/wp-config.php. Thanks to Raphael Geissert (Closes: #500295)
* [ece1c25] debian/get-upstream-i18n: Do not remove outdated language
files by default
* [59547a2] Do not embed tinymce, php-gettext and cropper. (Closes: #504242)
* [848828d] debian/postinst: Create the symlinks manually, dpkg
doesn't replace directories with symlinks. (Closes: #517969)
* [2af4aea] debian/patches/009CVE2008-6767.patch: Grant upgrade
privilege to all admin users. Thanks to Ivan Warren (Closes: #541371)
* [46e8f2b] debian/control: Removed the sentence about the French
language support, now there are a lot of language files
* [fcd94c6] debian/control: Remove outdated packages from Depends,
Suggests, and Conflicts
* [9c28177] Updated to standards version 3.8.3 (No changes needed)
* [700156e] Added a README.source (Debian Policy Manual section 4.14)
* [13a98d5] Updated language files
* [a86b72a] Do not install readme.html in doc, it doesn't contain any
relevant information for Debian users
* [25d4e8e] Updated copyright file
.
wordpress (2.8.3-2) unstable; urgency=medium
.
* [2372863] debian/patches/011enforce_activaction_key.dpatch: Enforce
activation key to be a string (Closes: #541102)
* [cb80386] Fixed CVE-2008-6767 patch and prevent redirect loop.
(Closes: #541199)
.
wordpress (2.8.3-1) unstable; urgency=medium
.
* [f625087] Imported Upstream version 2.8.3 (Closes: #533387, #539411)
This release fixed several security issue:
- Privileges unchecked and multiple information disclosures.
(CVE-2009-2334, CVE-2009-2335, CVE-2009-2336) (Closes: #536724)
- CVE-2009-2431, CVE-2009-2432: Obtain sensitive information
(Closes: #537146)
- CVE-2008-6762: Open redirect vulnerability in wp-admin/upgrade.php
(Closes: #531736)
* [347c164] debian/control: Added Giuseppe Iuculano in Uploaders,
added Vcs and DM-Upload-Allowed control field
* [92fb4ab] Bump to debhelper 7 compatibility levels
* [5b8536e] Refreshing patches
* [d999c0e] Added a watch file
* [4163c0c] debian/rules: Do not remove the autosave tinymce plugin, there
isn't anymore.
* [9c4d0e5] debian/get-upstream-i18n: download .xpi files into
debian/languages
* [76b7c5c] Install language files
* [a0bfad2] Move gettext in Build-Depends-Indep
* [8b607bf] Use set -e instead of passing -e to the shell on the #!
line
* [6cbbf36] debian/patches/009CVE2008-6767.dpatch: Only admin can
upgrade wordpress. (CVE-2008-6767) (Closes: #531736)
* [d6adfbe] Disabled the the "please update" warning, thanks to Hans
Spaans and Rolf Leggewie (Closes: #506685)
* [15c360c] Updated to standards version 3.8.2 (No changes needed)
.
wordpress (2.7.1-2) unstable; urgency=low
.
* setup-mysql corrected to accept domain names with hyphens (Closes: #514447)
* wp-config.php now dies if no config file is found (Closes: #500296)
* now the static browser uploader is supported (Closes: #501507)
Users che chose to use the browser (instead of flash) to upload media files.
.
wordpress (2.7.1-1) experimental; urgency=low
.
* Merge with upstream Wordpress-2.7 (Closes: #514845)
* Corrected security regression on CVE-2008-2392.
Admins had unfiltered upload capability again.
Now this options is disabled by default and can be
enable through the security options panel.
.
wordpress (2.7-1) experimental; urgency=low
.
* Merge with upstream Wordpress-2.7 (Closes: #507356)
* README file is now more clear about Apache
configuration (Closes: #511312, #507981)
.
wordpress (2.6.2-2) experimental; urgency=low
.
* 007CVE2008-2392.patch modified.
Now users chan dinamically choose to enable unrestricted upload for admins.
.
wordpress (2.6.2-1) experimental; urgency=low
.
* Merge with upstream Wordpress-2.6.2 (Closes: #490977)
* Dependency field was changed to erase useless dependencies (Closes: #496240)
Checksums-Sha1:
747e9ef501c0297ce390e758e34272381be55a11 1290 wordpress_3.0.2-1~bpo50+1.dsc
08a06c5338dfdd3ca76d99fbe32ade67eec8822b 2688999 wordpress_3.0.2.orig.tar.gz
cbc4ae10ecb16b2ff4f3f46361600cd6f1bba8fb 6785693 wordpress_3.0.2-1~bpo50+1.debian.tar.gz
0de5e5fbf574055ec7f32179a0cbb5160571e2d2 2517368 wordpress_3.0.2-1~bpo50+1_all.deb
66b9a210f27c16c8ad2ea8c195f4ea6c141bda0f 5983890 wordpress-l10n_3.0.2-1~bpo50+1_all.deb
Checksums-Sha256:
3dde3a5c60c2725a4a5dfa6a07b7b7a17a66d66d944879bc6e74a71e05aebb6b 1290 wordpress_3.0.2-1~bpo50+1.dsc
cc6f8707a4b19d44845abec890f7767ef6e053cb71e5799ac9b3705425611d4f 2688999 wordpress_3.0.2.orig.tar.gz
6cb3ff523272d8475b0c28ab942e5d203c7ba404f9cd8cb9b1b69c7514e73c2b 6785693 wordpress_3.0.2-1~bpo50+1.debian.tar.gz
bfe35116d01e76db4c67fdd91447bea0fc640cd60d05338a844edac051e1b743 2517368 wordpress_3.0.2-1~bpo50+1_all.deb
1b5fd21d8dc414ec43ea3d84c956406662d878b6c7c51cdc24ab8a2c23b15797 5983890 wordpress-l10n_3.0.2-1~bpo50+1_all.deb
Files:
8d5d69ec49329aaef2ba705ca0cb1e1d 1290 web optional wordpress_3.0.2-1~bpo50+1.dsc
9f8b305f72dbe96291ca0d13b21cb279 2688999 web optional wordpress_3.0.2.orig.tar.gz
40c8fb15245a773bb4842b466db193e9 6785693 web optional wordpress_3.0.2-1~bpo50+1.debian.tar.gz
ea89a4c4bf8ebb76c776456d3dce0677 2517368 web optional wordpress_3.0.2-1~bpo50+1_all.deb
2b4f1abb8ad4332526904400f3a71b7c 5983890 localization optional wordpress-l10n_3.0.2-1~bpo50+1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAk0FzbIACgkQHk9mSeopF4WA+wCfXIg7xG9zZ51WzgFKzZ+n1Bj9
BQ0An21uYY7w6YTJy+vOeQvZS9P/fAnD
=78jl
-----END PGP SIGNATURE-----
Accepted:
wordpress-l10n_3.0.2-1~bpo50+1_all.deb
to main/w/wordpress/wordpress-l10n_3.0.2-1~bpo50+1_all.deb
wordpress_3.0.2-1~bpo50+1.debian.tar.gz
to main/w/wordpress/wordpress_3.0.2-1~bpo50+1.debian.tar.gz
wordpress_3.0.2-1~bpo50+1.dsc
to main/w/wordpress/wordpress_3.0.2-1~bpo50+1.dsc
wordpress_3.0.2-1~bpo50+1_all.deb
to main/w/wordpress/wordpress_3.0.2-1~bpo50+1_all.deb
wordpress_3.0.2.orig.tar.gz
to main/w/wordpress/wordpress_3.0.2.orig.tar.gz
Reply to: