Accepted wordpress 3.5.2+dfsg-1~deb7u1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 25 Jun 2013 15:52:07 +0200
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.5.2+dfsg-1~deb7u1
Distribution: wheezy-security
Urgency: low
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
Closes: 713947
Changes:
wordpress (3.5.2+dfsg-1~deb7u1) wheezy-security; urgency=low
.
* New upstream release with many security fixes. Closes: #713947
* Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
* Privilege Escalation: Contributors can publish posts, and users can
reassign authorship. CVE-2013-2200.
* Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
* Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
* Content Spoofing via Flash Applet in TinyMCE Media Plugin.
CVE-2013-2204.
* Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
* Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
* Additional security hardening includes:
* Cross-Site Scripting (XSS) (Low Severity) when Editing Media.
CVE-2013-2201.
* Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating
Plugins/Themes. CVE-2013-2201.
* XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.
* Update the Vcs-Git and Vcs-Browser URLs.
* Update Standards-Version to 3.9.4.
Checksums-Sha1:
328c43661b04793cd8c1b74cc99b73277f1c81db 2371 wordpress_3.5.2+dfsg-1~deb7u1.dsc
0b0ed001dfaf4d9ea10d1cd6bf32c8755b1b098e 4261024 wordpress_3.5.2+dfsg.orig.tar.xz
6380169163222142f4bda8c7b340b4bfa4093399 5258236 wordpress_3.5.2+dfsg-1~deb7u1.debian.tar.xz
26e327106c0f1f79baa19d0579f3e6d640fc3ffc 4932942 wordpress_3.5.2+dfsg-1~deb7u1_all.deb
12a3db6aa0dbd8962b2b9e308f222a5d9d26e031 8818752 wordpress-l10n_3.5.2+dfsg-1~deb7u1_all.deb
Checksums-Sha256:
1063ceb235db70cd311ddcdabe441bf8ddaea2022af4c7c01014c6b6a67a97f3 2371 wordpress_3.5.2+dfsg-1~deb7u1.dsc
c4403b912ec5154aa2ff67e2b7afa5a4b67dca055e3421cc000212b73e6f1eb4 4261024 wordpress_3.5.2+dfsg.orig.tar.xz
ee56f142aad5df8b110101730fe7ecf87a45c1d7b76e4ae53a6ace2851ada5d2 5258236 wordpress_3.5.2+dfsg-1~deb7u1.debian.tar.xz
7e88a1568ad12f4aaecc9946709cf1a123ad9fc8cb0aae5cb8a46682d5ddb18b 4932942 wordpress_3.5.2+dfsg-1~deb7u1_all.deb
761c762994e70be95e2ec5c02276265efeda066b88764253971802e407790734 8818752 wordpress-l10n_3.5.2+dfsg-1~deb7u1_all.deb
Files:
3aefef9e0595b6f0d04b480b6b744648 2371 web optional wordpress_3.5.2+dfsg-1~deb7u1.dsc
9dcb3e16668d19373ffdf9b0fe2657dd 4261024 web optional wordpress_3.5.2+dfsg.orig.tar.xz
8af1e30f2698f80abc2c4a0401453ce9 5258236 web optional wordpress_3.5.2+dfsg-1~deb7u1.debian.tar.xz
85f78662d8cb6e58a3077684fae35ccc 4932942 web optional wordpress_3.5.2+dfsg-1~deb7u1_all.deb
c62c1573b0da00eb2ae3499015d73882 8818752 localization optional wordpress-l10n_3.5.2+dfsg-1~deb7u1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Signed by Raphael Hertzog
iQIcBAEBCAAGBQJRzKQ7AAoJEOYZBF3yrHKazGcQAJjM7B1IdLVMebDXA79ewQvF
SV0X+Htbh6gCOI06rlCOxdeXFmgGRMx5nRbxD4I6z7pSDx+/E/cBIVU15vPB5Bt5
sAxNEQMT580kfmSTzif9tcy2OqeZxlDQFgP/Pwtw7P230/b/lt/gijUetoBAQN1g
cWpslcxiO+f9aexKIDKB6yN5z5ouW5R0ATnSsrL6ObHuQ5FPLXWksSbD8Has56An
lPGDdlvCsUhTY3tvwYerdebS6u/2vuJTt+j84KxtVRHGB1EHo3Buy0sT0+Eh1LPc
zpwG8vEuKnHALGGfE8mpBKuK0qXm4D3LdLjTYak8omnymDBzoDTOrK1H4w1dj6J7
XUGcCb8q4p+rN2EYRsGvAGv6cU+NpIsOp11HN1tcpTVJlOXLKbbVOK3WnS+yRhDm
3fIeGKWh40vLerQau/mYAyZs2jRhSHuBYuBwCXC0AJSaDXlbdfVGKWZbjOwVbELZ
2Yl0hPolFgh/RoXodKQliWlF/B5zavTY/0WBiMi19RvzvEm6DJ/ixjFppOKpoh8E
4svx7u+kjDXwFkyBdad6w62w5R97kQ0YM536WDe7hH0f2ZoEIzgETSurSDULUEJ2
jv6IA+paejPTgdhnl+VxGrY0NaXgB461xFwHJfAmEtDC82VpSSjYu+zLbI6Ktw9U
W7PVVmTDdVUYBvDzbgNU
=R5oh
-----END PGP SIGNATURE-----
Reply to: