Accepted wordpress 4.7.5+dfsg-2+deb9u1~bpo8+1 (all source) into jessie-backports->backports-policy, jessie-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 20 Oct 2017 18:44:24 -0300
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen
Architecture: all source
Version: 4.7.5+dfsg-2+deb9u1~bpo8+1
Distribution: jessie-backports
Urgency: medium
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Rodrigo Campos <rodrigo@sdfg.com.ar>
Closes: 876274 877629
Description:
wordpress-l10n - weblog manager - language files
wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
wordpress - weblog manager
Changes:
wordpress (4.7.5+dfsg-2+deb9u1~bpo8+1) jessie-backports; urgency=medium
.
* Rebuild stretch version for jessie-backports.
* Fixes security issues, see 4.7.5+dfsg-2+deb9u1 entry
.
wordpress (4.7.5+dfsg-2+deb9u1) stretch-security; urgency=medium
.
* Backport patches from 4.8.2 Closes: #876274
- CVE-2017-14723
$wpdb->prepare() can create unexpected and unsafe queries leading to
potential SQL injection (SQLi)
Changeset 41472, 41498
- CVE-2017-14724
Cross-site scripting (XSS) vulnerability in the oEmbed discovery
Changeset 41451
- CVE-2017-14726
Cross-site scripting (XSS) vulnerability in the visual editor
Changeset 41436
- CVE-2017-14719
Path traversal vulnerability in the file unzipping code
Changeset 41459
- CVE-2017-14721
Cross-site scripting (XSS) vulnerability in the plugin editor
Changeset 41413
- CVE-2017-14725
Open redirect in the user and term edit screens
Changeset 41418
- CVE-2017-14722
Path traversal vulnerability in the customizer
Changeset 41430
- CVE-2017-14720
Cross-site scripting (XSS) vulnerability in template names
Changeset 41413 (same as plugin editor)
- CVE-2017-14718
Cross-site scripting (XSS) vulnerability in the link modal
* Hash user activation key Closes: #877629
Fixes CVE-2017-14990
Checksums-Sha1:
90a156091be7b3818c317386182340152cbc7fca 2668 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1.dsc
dcda056d8ee1c3287258043dc600b8bbe9e2a944 6785784 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1.debian.tar.xz
af055acba8d47613261455e6d4c10749fe1122e7 5952 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1_source.buildinfo
dae3692ba46934aade6018dd03729133fd774b26 4008472 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
70dfe51311723e15322c5435f34e2bde0b78d1ca 4448298 wordpress-l10n_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
744359e164f394b173c75062c7ec3a91e0cdf121 589532 wordpress-theme-twentysixteen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
6b6d963d145b91b5e62ad818ccd32d960991bc8a 700696 wordpress-theme-twentyfifteen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
482ab506375cb12a1927149370317ba75a8406e7 941176 wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
Checksums-Sha256:
bd862b4c6118a83f1583e14b2e6977ac8cdea362d4eec1fc51f22d9b83b84e69 2668 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1.dsc
e95b9e532d51c2383a15f07840dc8c68727b3637c64c3e9c5403174b7b79364b 6785784 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1.debian.tar.xz
63e0d6371ae673363ed84321267764414455364c3af5ed1b43cd3d1765c524e5 5952 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1_source.buildinfo
afede3239a5d0d1c4d5b9835ba09e7d5ff9385aea04dab16a6f36c2ee37794c5 4008472 wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
6ad73aeba7c356ea1cbf222753ea2d269bb6ec2027ebcccc4031afe22fee877b 4448298 wordpress-l10n_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
a65f8abf3a31cf174dc2608c001c30da7c960df3ea035e3e7c957a66227e22e6 589532 wordpress-theme-twentysixteen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
120619e62663f5a37631589bdfb292b7088abbc0014108414e9d51098d8a0e54 700696 wordpress-theme-twentyfifteen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
8bd0fdedb4a64ed1563a943fd3120acf4016013ba57e92349612acd028bb4c20 941176 wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
Files:
88ba1a404eb9ce39fbe90c6c1c1367ad 2668 web optional wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1.dsc
7dea6b33b10716bba7a85731d4f82604 6785784 web optional wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1.debian.tar.xz
4bab82acec769f1cc79893e024d147e6 5952 web optional wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1_source.buildinfo
dd706b237fb9f8bee52915412fc0e5e4 4008472 web optional wordpress_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
8157a91e685dca2c289be9e047383a33 4448298 localization optional wordpress-l10n_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
a3bb6bc4fe42e8146664b12cf26d1571 589532 web optional wordpress-theme-twentysixteen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
8ee5c9dd32c3734a3b69520bbdbce4de 700696 web optional wordpress-theme-twentyfifteen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
9bfcd60005cedfb44c6c0b42119cd1ce 941176 web optional wordpress-theme-twentyseventeen_4.7.5+dfsg-2+deb9u1~bpo8+1_all.deb
-----BEGIN PGP SIGNATURE-----
iQJBBAEBCAArFiEEy0llJ/kAnyscGnbawAV+cU1pT7IFAlodWekNHGRvbUBlYXJ0
aC5saQAKCRDABX5xTWlPsnEKEACy1KMBIGAqCP5aTcYXMSqtp9xbGS+EylZKWF7D
9VB7VFS+6OI3avRhNw0KVKOCCa0WAt0LswhHCSKi09i3Gmyj8pnGi4PKcK15M2/h
tFYm84RuJm6gWoRNwjIDyRbr+gnyExCkO3WV4XUjbGwSzKIydKSD7l6i8l9p/LQY
ly/nIxtNiM70WbOl7EfyIHPaIyeTMljYzd97x/H+uXqfEy4AdW9lLVLIU4ATOYJy
VX5T37qpi+luSoif7NFmFhqHdceERHpJNek94U1Eec70cxLZZQTwHb9TKUWYj80U
tBl24ZMvgvUJKc96m5JecngqKnNVJAgEisz0HSg0WxZTHYD7FJGlzcf8YxvmbIQ1
MGYZ17XRbmRdGSdPCOblSy39AkWiab4jnxeqnNOzNNG/eSwK0M4X3tkgrlUCSU/c
JaA29KNompPBROU+c17RuOCPd8ckmfkzsx0hpZxQZeUziZw/rNL07c6UR+0C0jJn
nxlC765/ANTwR5NU718hODF1OXmLxSBXvR/Kw5I9zuMWPTU4Hqg7tnZ2HNxnn2cB
k2A17+OPWIU2x9CEhroryL3v33vdRVDjldhf2lfPp3d/tLyxekMDKz/XaY4VnAbA
OsfatMt3khgXbgN6cbkrGizz+7lzWTw62MmX3L15YMfEei384bU5H1WpkB8r2Ecj
IO9tTA==
=++q+
-----END PGP SIGNATURE-----
Reply to: