Accepted wordpress 3.3.2+dfsg-1~squeeze1 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted wordpress 3.3.2+dfsg-1~squeeze1 (source all)
From: Yves-Alexis Perez <corsac@debian.org>
Date: Fri, 21 Sep 2012 20:49:05 +0000
Message-id: <[🔎] E1TFA9p-0006hG-Lz@franck.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 10 May 2012 23:00:46 +0200
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.3.2+dfsg-1~squeeze1
Distribution: stable-security
Urgency: low
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 670124
Changes: 
 wordpress (3.3.2+dfsg-1~squeeze1) stable-security; urgency=low
 .
   * Import wordpress from Wheezy to fix all the security issues present in
     Squeeze. This fixes:
     - CVE-2011-3122, CVE-2011-3125, CVE-2011-3126, CVE-2011-3127,
       CVE-2011-3128, CVE-2011-3129, CVE-2011-3130 (multiple unspecified
       vulnerabilities) which were allocated from
       the Wordpress 3.1.3 / 3.2 beta2 release announcement
     - CVE-2011-4956 (missing input sanitization) and CVE-2011-4957 (missing
       URL length check in make_clickable() function) allocated from Wordpress
       3.1.1 release announcement.
     - CVE-2012-2399 (unspecified vulnerability in
       wp-includes/js/swfupload/swfupload.swf), CVE-2012-2400 (unspecified
       vulnerability in wp-includes/js/swfobject.js), CVE-2012-2401 (Same-Origin
       Policy bypass in Plupload plugin), CVE-2012-2402 (access restriction
       bypass by authenticated site administrators), CVE-2012-2403 (Wordpress
       supports clickable links inside attributes, making it easier to conduct
       XSS attacks) CVE-2012-2404 (Wordpress supports offsite redirects,
       making it easier to conduct XSS attacks), which were allocated from the
       3.3.2 release announcement.                               closes: #670124
   * debian/wordpress.linktrees:
     - don't symlink TinyMCE, it's too old in Squeeze.
     - don't deduplicate jquery, same thing.
     - don't deduplicate jquery-form, doesn't exist in Squeeze.
   * debian/control:
     - drop build-dep on tinymce, libjs-jquery and libjs-jquery-form, we'll use
       the embedded versions.
Checksums-Sha1: 
 9317a6b281ca70f2d4af3acfe8e37f33be38f6b9 2123 wordpress_3.3.2+dfsg-1~squeeze1.dsc
 bc70e62569cda9d0dd13b9210d5df64b5d7cde52 3893105 wordpress_3.3.2+dfsg.orig.tar.gz
 760c22148fb5d7af75629fd68f9faba2cb8212a9 13970688 wordpress_3.3.2+dfsg-1~squeeze1.debian.tar.xz
 792afe139ac350bccb2585bd4c309c9b128072c8 3862096 wordpress_3.3.2+dfsg-1~squeeze1_all.deb
 8a4927fb760f6985905157320f12cf1ce444b905 6535922 wordpress-l10n_3.3.2+dfsg-1~squeeze1_all.deb
Checksums-Sha256: 
 0b25d6c682b4ad0b357b138bea565c76d88d741a0c18748ef02a7ee57c4d17d9 2123 wordpress_3.3.2+dfsg-1~squeeze1.dsc
 1812098d4c3ba35f0b64c5e2af21c24f6c530c2d680f9cee78bc138615b607fb 3893105 wordpress_3.3.2+dfsg.orig.tar.gz
 fbb6e00b17e6dad5564d2daadf76995a2b5793f1b078e48139310810c11f2957 13970688 wordpress_3.3.2+dfsg-1~squeeze1.debian.tar.xz
 4a07b967af497a19660e4cca426cc97576b9211ab992409f93c72ab5c104fd89 3862096 wordpress_3.3.2+dfsg-1~squeeze1_all.deb
 daa128fe4e4794639c5249f1b807b90ffef19f8f5c733d4370bbc289aa085ef3 6535922 wordpress-l10n_3.3.2+dfsg-1~squeeze1_all.deb
Files: 
 cdd10cd122bb204cff70a50d7069d302 2123 web optional wordpress_3.3.2+dfsg-1~squeeze1.dsc
 f8f90cab2ed60a94a430410423acfda6 3893105 web optional wordpress_3.3.2+dfsg.orig.tar.gz
 04408f7c7645117dd9f6eb4afa77186b 13970688 web optional wordpress_3.3.2+dfsg-1~squeeze1.debian.tar.xz
 0e8891b4bd247ac4484bd47d1fa37a60 3862096 web optional wordpress_3.3.2+dfsg-1~squeeze1_all.deb
 f9b3616617fbb87106c2a8ed42a3ebf9 6535922 localization optional wordpress-l10n_3.3.2+dfsg-1~squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJPrKcdAAoJEDBVD3hx7wuoO9cP/Al0M3xo4DKNY8FJrEgE9QL5
VSmTn8iFJSH5llvN8uuQ4LSZAbzfBPLYJoZTctezaO6KigQD4NjXPzJYCghFvr2D
6FPGpbsiM9gbHASGa91p8ujuVRwo1IIttU01Gmlzo+dk2WQjobLdz5poVfK3qjC5
EUK1OvgjnWC31hxuSqespAfCpf4vZZCdMlmdYRWHdCOvVMwFlXwUCCLh8l/nFblN
JHjxV/xXwubyGi8OqtW2L0CNFuaR7eCVfXF85LqLKdAFsq6Qph7sXkBC8dExf4Oq
8uztZoG3Hfc/pZd1LNhFi0sXbc14AuA5eSOBkat/veHCeJL1ba9OIIuSC0DO5MML
eMbXegr9RQ6Xn4jxeCL8iTmgP38QBnFIip1o5sbNP5y/SqCYZuCzrWe0lE8eoPUW
TCipq+MPrQe3h6kXBsMYW2Kaq5raUr1x96Id4JzUVttJSPnj6rrKYCiCjnbZzXsk
sWmuuG6LPBRr6pSE6l2qzrqhWfIBCgLX89AHvawOsAeh5cB9wiR4jSEgadRT5Xhh
vkSg1iLqErGm6Uu6fuhh8Bm7+GPGlDFB2xRzQoC3EwZzE/znHv/sZjCIbjBOFMKv
j26T/hrUYumrRFouGddoT+lh9wQwbxsMg4ncby1XN4I0vVMrkORWvLHZkZnENcpm
t6glXuJnEwIA+iUer19Q
=iwR+
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted libgc 1:6.8-2 (source mipsel)
Next by Date: Accepted globus-gridftp-server 3.23-1+squeeze1 (source amd64)
Previous by thread: Accepted libgc 1:6.8-2 (source mipsel)
Next by thread: Accepted globus-gridftp-server 3.23-1+squeeze1 (source amd64)
Index(es):
- Date
- Thread