Accepted wordpress 3.0.4+dfsg-1~bpo50+1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 03 Jan 2011 15:27:22 -0800
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.0.4+dfsg-1~bpo50+1
Distribution: lenny-backports
Urgency: high
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Matt Taggart <taggart@debian.org>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
Closes: 490977 496240 500295 500296 501507 504242 506685 507356 507981 511312 514447 514845 517969 517969 531736 531736 533387 536724 537146 539411 541102 541199 541371 544473 549436 551380 551841 555729 556902 561832 566224 585784 586764 590859 591195 602732 605603 605880 606657 607240 607240
Changes:
wordpress (3.0.4+dfsg-1~bpo50+1) lenny-backports; urgency=low
.
* Rebuild for lenny-backports.
.
wordpress (3.0.4+dfsg-1) unstable; urgency=high
.
* [9d62499] Imported Upstream version 3.0.4+dfsg
- This is critical security update, more info: http://wp.me/pZhYe-qt
.
wordpress (3.0.3.dfsg-1) unstable; urgency=high
.
* [e113893] Imported Upstream version 3.0.3.dfsg
- Re-packaged without the hello dolly plugin (Closes: #607240)
* [9d62cfd] Removed hello.patch
.
wordpress (3.0.3-1) unstable; urgency=high
.
* [014c926] Imported Upstream version 3.0.3 (Closes: #606657)
* [f29b6ac] Use GPL-compliant lyrics in the hello dolly plugin.
(Closes: #607240)
.
wordpress (3.0.2-1) unstable; urgency=high
.
[ Raphaël Hertzog ]
* [9d6922c] Improve wp-config.php to support sites on subdomains and
htaccess by providing directives ready to uncomment
.
[ Giuseppe Iuculano ]
* [1dc32d3] Imported Upstream version 3.0.2 (Closes: #605880)
- Author level SQL injection vulnerability fixed (Closes: #605603)
* [b4f2869] Refreshed debian/patches/001readme.patch
* [612c23f] Remove flv_player.swf from manifest.php (Closes: #602732)
.
wordpress (3.0.1-2) unstable; urgency=low
.
* [e8a913f] Remove swfupload.swf from the binary package, as it cannot
be built from source, violating the Policy. (Closes: #591195)
* [92493d0] Document in Readme.Debian how to get swfupload.swf
* [3663a53] debian/get-upstream-i18n: download also configuration
files for RTL-languages (Closes: #585784)
* [8bbdc8b] Added a missing define in debian/wp-config.php (Closes: #590859)
* [34dd063] Updated language files
* [adf55b3] Install *.php configuration files for RTL-languages
.
wordpress (3.0.1-1) unstable; urgency=low
.
* [e6e4f09] Updated watch file
* [12dd7cd] Imported Upstream version 3.0.1
* [7f03621] Bump to standards-version 3.9.1, no changes needed
.
wordpress (3.0-1) unstable; urgency=low
.
[ Giuseppe Iuculano ]
* [a57d26e] Imported Upstream version 3.0 (Closes: #586764)
* [a74cd68] MU: enable multi-user by default and install the proper
blogs.dir directory
* [ffd926e] fix the blogs.dir link
* [c81081d] Adjust MU setup for Debian installations
* [c14dd9d] Update language files
* [6a7296f] Added Raphaël Hertzog in Uploaders
* [7ea24ff] Updated watch file
.
[ Raphaël Hertzog ]
* [2d1df3e] Update patch debian/patches/001readme.patch
* [58a772e] Update patch debian/patches/003installer.patch
* [332abfc] Update patch debian/patches/006rss_language.patch
* [ee99544] Update patch debian/patches/008CVE2008-2392.patch
* [b960914] Refresh patch debian/patches/009CVE2008-6767.patch
* [511eea7] Refresh patch
debian/patches/010disabling_update_note.patch
* [22c5015] Refresh patch debian/patches/manifest.patch
* [7cfe147] Switch to source format 3.0 (quilt).
* [8c86759] Add back the default theme that has been dropped upstream
* [390188e] Adjust links and rules to cope with removal of
scriptaculous/prototype.js
* [1313b13] Add package prefix to many debian/ files for clarity
* [c4e7651] Switch to dh7 tiny rules file and general cleanup of the
build process.
* [625cdbb] Updated Vcs-Git/Vcs-Browser to point to the collab-maint
repository.
.
wordpress (2.9.2-1) unstable; urgency=low
.
* [3f228c1] Imported Upstream version 2.9.2
* [7965955] Bump to Standards-Version 3.8.4 (no changes)
* [e86fd59] Updated language files
.
wordpress (2.9.1-2) unstable; urgency=low
.
* [4a7279a] Fixed the security id in wp-admin/menu.php (Closes: #561832) -
thanks to Franck Nouyrigat
* [aa0f3a0] Allow site names with dash character. (Closes: #566224) -
thanks to Mikko Visa
* [ee0a44e] Updated language files
.
wordpress (2.9.1-1) unstable; urgency=low
.
* [a83b8fd] Imported Upstream version 2.9.1
* [216890e] Added ${misc:Depends} in Depends
* [ec95986] Updated language files
.
wordpress (2.9-1) unstable; urgency=low
.
* [fdd001e] Change wordpress-l10n section (localization)
* [625fa21] Imported Upstream version 2.9
* [dd9b536] Refreshed patches
* [1ce2a9d] Do not remove anymore plugins/wordpress/js direcotry
* [3287ec5] Updated language files (Closes: #556902)
.
wordpress (2.8.6-1) unstable; urgency=low
.
* [cf87b24] Updated debian/watch (Closes: #555729) - thanks to Hideki
Yamane
* [997165e] Imported Upstream version 2.8.6
* [05395e1] debian/wp-config.php: sanitize $debian_server and do not
check if $debian_file is under /etc/wordpress (Closes: #549436)
* [dc016ce] Updated language files
.
wordpress (2.8.5-1) unstable; urgency=high
.
* [b0ebbe1] Imported Upstream version 2.8.5 (Closes: #551841)
- This version fixes CVE-2009-3622, Wordpress Trackback DoS
* [cad0da2] Updated languages files
* [e8438f2] Use /var/log/apache2 directory in the apache example file
(Closes: #551380)
.
wordpress (2.8.4-3) unstable; urgency=low
.
* [dc295db] Provide a more descriptive errror message if the vhost
config file is not found. (LP: #365783)
* [c23192a] Depend on libjs-jquery >= 1.3.3-1 (Closes: #544473) -
thanks to Arnaud Guiton
* [fd27308] Updated debian/copyright
* [94ad7d3] Split up the language files into a separate package
* [08334d7] Updated language files
* [6682ab3] Updated my email address and removed DM-Upload-Allowed
control field
.
wordpress (2.8.4-2) unstable; urgency=low
.
* [e582ddd] Removed reference about drag.gif in manifest.php, thanks
to Michel Meyers (Closes: #517969)
* [a0d70c8] Do not symlink readme.html, instead install it in
/usr/share/wordpress
* [e81e4c3] Depend on tinymce (>= 3.2.6-0.1) and added a proper
symlink to the tabfocus plugin
* [0492b02] Added a note in NEWS and README.debian about the secondary
consequence caused by the previous fix for a possible script
injection via /etc/wordpress/wp-config.php
* [6a3c803] Updated language files
.
wordpress (2.8.4-1) unstable; urgency=low
.
* [5f0812d] Imported Upstream version 2.8.4
* [e1ea94b] Switch to quilt
* [cf8904e] Removed Andrea De Iacovo from Maintainer field, thanks
Andrea for the prior work on wordpress!
* [6013bd8] Removed 007_REQUEST.patch, upstream already fixed CVE-2008-5113
in a better way
* [8da39ea] Removed 004languages.patch, it contains outdated languages
files
* [d5696ea] debian/control: Updated Vcs control field
* [89316e0] debian/rules: Comment the DH_VERBOSE export
* [cf78bf5] debian/wp-config.php: check if $debian_file is under
/etc/wordpress and mitigate a possible script injection via
/etc/wordpress/wp-config.php. Thanks to Raphael Geissert (Closes: #500295)
* [ece1c25] debian/get-upstream-i18n: Do not remove outdated language
files by default
* [59547a2] Do not embed tinymce, php-gettext and cropper. (Closes: #504242)
* [848828d] debian/postinst: Create the symlinks manually, dpkg
doesn't replace directories with symlinks. (Closes: #517969)
* [2af4aea] debian/patches/009CVE2008-6767.patch: Grant upgrade
privilege to all admin users. Thanks to Ivan Warren (Closes: #541371)
* [46e8f2b] debian/control: Removed the sentence about the French
language support, now there are a lot of language files
* [fcd94c6] debian/control: Remove outdated packages from Depends,
Suggests, and Conflicts
* [9c28177] Updated to standards version 3.8.3 (No changes needed)
* [700156e] Added a README.source (Debian Policy Manual section 4.14)
* [13a98d5] Updated language files
* [a86b72a] Do not install readme.html in doc, it doesn't contain any
relevant information for Debian users
* [25d4e8e] Updated copyright file
.
wordpress (2.8.3-2) unstable; urgency=medium
.
* [2372863] debian/patches/011enforce_activaction_key.dpatch: Enforce
activation key to be a string (Closes: #541102)
* [cb80386] Fixed CVE-2008-6767 patch and prevent redirect loop.
(Closes: #541199)
.
wordpress (2.8.3-1) unstable; urgency=medium
.
* [f625087] Imported Upstream version 2.8.3 (Closes: #533387, #539411)
This release fixed several security issue:
- Privileges unchecked and multiple information disclosures.
(CVE-2009-2334, CVE-2009-2335, CVE-2009-2336) (Closes: #536724)
- CVE-2009-2431, CVE-2009-2432: Obtain sensitive information
(Closes: #537146)
- CVE-2008-6762: Open redirect vulnerability in wp-admin/upgrade.php
(Closes: #531736)
* [347c164] debian/control: Added Giuseppe Iuculano in Uploaders,
added Vcs and DM-Upload-Allowed control field
* [92fb4ab] Bump to debhelper 7 compatibility levels
* [5b8536e] Refreshing patches
* [d999c0e] Added a watch file
* [4163c0c] debian/rules: Do not remove the autosave tinymce plugin, there
isn't anymore.
* [9c4d0e5] debian/get-upstream-i18n: download .xpi files into
debian/languages
* [76b7c5c] Install language files
* [a0bfad2] Move gettext in Build-Depends-Indep
* [8b607bf] Use set -e instead of passing -e to the shell on the #!
line
* [6cbbf36] debian/patches/009CVE2008-6767.dpatch: Only admin can
upgrade wordpress. (CVE-2008-6767) (Closes: #531736)
* [d6adfbe] Disabled the the "please update" warning, thanks to Hans
Spaans and Rolf Leggewie (Closes: #506685)
* [15c360c] Updated to standards version 3.8.2 (No changes needed)
.
wordpress (2.7.1-2) unstable; urgency=low
.
* setup-mysql corrected to accept domain names with hyphens (Closes: #514447)
* wp-config.php now dies if no config file is found (Closes: #500296)
* now the static browser uploader is supported (Closes: #501507)
Users che chose to use the browser (instead of flash) to upload media files.
.
wordpress (2.7.1-1) experimental; urgency=low
.
* Merge with upstream Wordpress-2.7 (Closes: #514845)
* Corrected security regression on CVE-2008-2392.
Admins had unfiltered upload capability again.
Now this options is disabled by default and can be
enable through the security options panel.
.
wordpress (2.7-1) experimental; urgency=low
.
* Merge with upstream Wordpress-2.7 (Closes: #507356)
* README file is now more clear about Apache
configuration (Closes: #511312, #507981)
.
wordpress (2.6.2-2) experimental; urgency=low
.
* 007CVE2008-2392.patch modified.
Now users chan dinamically choose to enable unrestricted upload for admins.
.
wordpress (2.6.2-1) experimental; urgency=low
.
* Merge with upstream Wordpress-2.6.2 (Closes: #490977)
* Dependency field was changed to erase useless dependencies (Closes: #496240)
Checksums-Sha1:
4bcee1557a02cd1a6867ae90f9e56114b3c69c6b 1325 wordpress_3.0.4+dfsg-1~bpo50+1.dsc
1c10c65b63bd048360a2951448ce23da3fcc9537 2684144 wordpress_3.0.4+dfsg.orig.tar.gz
076d4a6e8e8080ea3e9e51c890c15dece9f3013d 6785924 wordpress_3.0.4+dfsg-1~bpo50+1.debian.tar.gz
324c3ba5fcd7c0b663452ce1ba650a0272288bc7 2516748 wordpress_3.0.4+dfsg-1~bpo50+1_all.deb
f19ad6e66f6810f456ad7d8750335c70d446bd13 5984022 wordpress-l10n_3.0.4+dfsg-1~bpo50+1_all.deb
Checksums-Sha256:
9983bc64a847acf7edbb3bd47bb32b4495bedd0b210d3841736127a336fbdf82 1325 wordpress_3.0.4+dfsg-1~bpo50+1.dsc
87a833869e76b8c2024479bfc2a076524b28c09faf9d4258f40e22ee88e4da09 2684144 wordpress_3.0.4+dfsg.orig.tar.gz
9effa5077a00d6beaf86a0a56957a811a560e95a1b6b8323062fc7240d220407 6785924 wordpress_3.0.4+dfsg-1~bpo50+1.debian.tar.gz
18136820d3aee3192b6f6560b5e7d8383ac9c69399162b9ac7f6242c4dd1e613 2516748 wordpress_3.0.4+dfsg-1~bpo50+1_all.deb
23cfc1960f749e590cd22308aa2b7d6376b57d073096079ad1ea5ddda6dad173 5984022 wordpress-l10n_3.0.4+dfsg-1~bpo50+1_all.deb
Files:
4731f63c7ac2c6c7abbba1731387d9b0 1325 web optional wordpress_3.0.4+dfsg-1~bpo50+1.dsc
419e7bda9ba244ce1cb32f645ed7dde7 2684144 web optional wordpress_3.0.4+dfsg.orig.tar.gz
5ea22c4b3bf33a266ca84b189e009958 6785924 web optional wordpress_3.0.4+dfsg-1~bpo50+1.debian.tar.gz
4e63ea1a43e1f24f62502b32d4c3f587 2516748 web optional wordpress_3.0.4+dfsg-1~bpo50+1_all.deb
8d67cf2190e59ef08681d7b95e4649e2 5984022 localization optional wordpress-l10n_3.0.4+dfsg-1~bpo50+1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAk0itj4ACgkQHk9mSeopF4U8GACgmkGDZ4f6JEONbtK1D+5kgUSw
APIAoISLOBMmUR5MRpvFIImrW8dRXkiP
=t9Nt
-----END PGP SIGNATURE-----
Accepted:
wordpress-l10n_3.0.4+dfsg-1~bpo50+1_all.deb
to main/w/wordpress/wordpress-l10n_3.0.4+dfsg-1~bpo50+1_all.deb
wordpress_3.0.4+dfsg-1~bpo50+1.debian.tar.gz
to main/w/wordpress/wordpress_3.0.4+dfsg-1~bpo50+1.debian.tar.gz
wordpress_3.0.4+dfsg-1~bpo50+1.dsc
to main/w/wordpress/wordpress_3.0.4+dfsg-1~bpo50+1.dsc
wordpress_3.0.4+dfsg-1~bpo50+1_all.deb
to main/w/wordpress/wordpress_3.0.4+dfsg-1~bpo50+1_all.deb
wordpress_3.0.4+dfsg.orig.tar.gz
to main/w/wordpress/wordpress_3.0.4+dfsg.orig.tar.gz
Reply to: