[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted wordpress 3.5.2+dfsg-1~deb7u1 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 25 Jun 2013 15:52:07 +0200
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.5.2+dfsg-1~deb7u1
Distribution: wheezy-security
Urgency: low
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 713947
Changes: 
 wordpress (3.5.2+dfsg-1~deb7u1) wheezy-security; urgency=low
 .
   * New upstream release with many security fixes. Closes: #713947
     * Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
     * Privilege Escalation: Contributors can publish posts, and users can
       reassign authorship. CVE-2013-2200.
     * Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
     * Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
     * Content Spoofing via Flash Applet in TinyMCE Media Plugin.
       CVE-2013-2204.
     * Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
     * Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
   * Additional security hardening includes:
     * Cross-Site Scripting (XSS) (Low Severity) when Editing Media.
       CVE-2013-2201.
     * Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating
       Plugins/Themes. CVE-2013-2201.
     * XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.
   * Update the Vcs-Git and Vcs-Browser URLs.
   * Update Standards-Version to 3.9.4.
Checksums-Sha1: 
 328c43661b04793cd8c1b74cc99b73277f1c81db 2371 wordpress_3.5.2+dfsg-1~deb7u1.dsc
 0b0ed001dfaf4d9ea10d1cd6bf32c8755b1b098e 4261024 wordpress_3.5.2+dfsg.orig.tar.xz
 6380169163222142f4bda8c7b340b4bfa4093399 5258236 wordpress_3.5.2+dfsg-1~deb7u1.debian.tar.xz
 26e327106c0f1f79baa19d0579f3e6d640fc3ffc 4932942 wordpress_3.5.2+dfsg-1~deb7u1_all.deb
 12a3db6aa0dbd8962b2b9e308f222a5d9d26e031 8818752 wordpress-l10n_3.5.2+dfsg-1~deb7u1_all.deb
Checksums-Sha256: 
 1063ceb235db70cd311ddcdabe441bf8ddaea2022af4c7c01014c6b6a67a97f3 2371 wordpress_3.5.2+dfsg-1~deb7u1.dsc
 c4403b912ec5154aa2ff67e2b7afa5a4b67dca055e3421cc000212b73e6f1eb4 4261024 wordpress_3.5.2+dfsg.orig.tar.xz
 ee56f142aad5df8b110101730fe7ecf87a45c1d7b76e4ae53a6ace2851ada5d2 5258236 wordpress_3.5.2+dfsg-1~deb7u1.debian.tar.xz
 7e88a1568ad12f4aaecc9946709cf1a123ad9fc8cb0aae5cb8a46682d5ddb18b 4932942 wordpress_3.5.2+dfsg-1~deb7u1_all.deb
 761c762994e70be95e2ec5c02276265efeda066b88764253971802e407790734 8818752 wordpress-l10n_3.5.2+dfsg-1~deb7u1_all.deb
Files: 
 3aefef9e0595b6f0d04b480b6b744648 2371 web optional wordpress_3.5.2+dfsg-1~deb7u1.dsc
 9dcb3e16668d19373ffdf9b0fe2657dd 4261024 web optional wordpress_3.5.2+dfsg.orig.tar.xz
 8af1e30f2698f80abc2c4a0401453ce9 5258236 web optional wordpress_3.5.2+dfsg-1~deb7u1.debian.tar.xz
 85f78662d8cb6e58a3077684fae35ccc 4932942 web optional wordpress_3.5.2+dfsg-1~deb7u1_all.deb
 c62c1573b0da00eb2ae3499015d73882 8818752 localization optional wordpress-l10n_3.5.2+dfsg-1~deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Signed by Raphael Hertzog

iQIcBAEBCAAGBQJRzKQ7AAoJEOYZBF3yrHKazGcQAJjM7B1IdLVMebDXA79ewQvF
SV0X+Htbh6gCOI06rlCOxdeXFmgGRMx5nRbxD4I6z7pSDx+/E/cBIVU15vPB5Bt5
sAxNEQMT580kfmSTzif9tcy2OqeZxlDQFgP/Pwtw7P230/b/lt/gijUetoBAQN1g
cWpslcxiO+f9aexKIDKB6yN5z5ouW5R0ATnSsrL6ObHuQ5FPLXWksSbD8Has56An
lPGDdlvCsUhTY3tvwYerdebS6u/2vuJTt+j84KxtVRHGB1EHo3Buy0sT0+Eh1LPc
zpwG8vEuKnHALGGfE8mpBKuK0qXm4D3LdLjTYak8omnymDBzoDTOrK1H4w1dj6J7
XUGcCb8q4p+rN2EYRsGvAGv6cU+NpIsOp11HN1tcpTVJlOXLKbbVOK3WnS+yRhDm
3fIeGKWh40vLerQau/mYAyZs2jRhSHuBYuBwCXC0AJSaDXlbdfVGKWZbjOwVbELZ
2Yl0hPolFgh/RoXodKQliWlF/B5zavTY/0WBiMi19RvzvEm6DJ/ixjFppOKpoh8E
4svx7u+kjDXwFkyBdad6w62w5R97kQ0YM536WDe7hH0f2ZoEIzgETSurSDULUEJ2
jv6IA+paejPTgdhnl+VxGrY0NaXgB461xFwHJfAmEtDC82VpSSjYu+zLbI6Ktw9U
W7PVVmTDdVUYBvDzbgNU
=R5oh
-----END PGP SIGNATURE-----


Reply to: