[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted wordpress 3.6.1+dfsg-1~deb6u1 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 14 Sep 2013 10:30:29 +0200
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb6u1
Distribution: squeeze-security
Urgency: high
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description: 
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
Closes: 722537
Changes: 
 wordpress (3.6.1+dfsg-1~deb6u1) squeeze-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Import Wordpress 3.6.1 from Jessie to fix all the security issues present
     in Squeeze:                                                 closes: #722537
     - CVE-2013-4338: unsafe PHP unserialization can causes arbitrary code
     execution.
     - CVE-2013-4339: unproper input validation in URL parsing can lead to
     arbitrary redirection.
     - CVE-2013-4340: privilege escalation allowing an user with an author role
     to create an entry appearing as written by another user.
     - CVE-2013-5738: authenticated users can conduct cross-site scripting
     attacks (XSS) using crafted html file uploads.
     - CVE-2013-5739: default Wordpress configuration doesn't prevent upload
     for .swf and .exe files, making it easier for authenticated users to
     conduct XSS attacks.
Checksums-Sha1: 
 040a70f20d0cf0f2970d9f63f10cee5cfd9486aa 1780 wordpress_3.6.1+dfsg-1~deb6u1.dsc
 997fd2158cd14bd29a5598a81c780db34f7173f7 3214412 wordpress_3.6.1+dfsg.orig.tar.xz
 e35710cc448855680625f2494257779551d152e8 11013851 wordpress_3.6.1+dfsg-1~deb6u1.debian.tar.gz
 8b7a39162d8e978029c4f9a6c0ec6079868939ff 3989552 wordpress_3.6.1+dfsg-1~deb6u1_all.deb
 866298b8e5dc7ab890b9a087779f2e17cfba7869 8859512 wordpress-l10n_3.6.1+dfsg-1~deb6u1_all.deb
Checksums-Sha256: 
 4da43dff7a3390e81b1f8fdab6a352d05ce76cd57ff9505ab7d069d099fe217b 1780 wordpress_3.6.1+dfsg-1~deb6u1.dsc
 20714525a688eadd649e2e497b4cd300870445867e1f8b3305b49da5ca55b50d 3214412 wordpress_3.6.1+dfsg.orig.tar.xz
 901c76616e68290d6a7d6b6f163549a13818d7705a3f81a5895165d163bf4a36 11013851 wordpress_3.6.1+dfsg-1~deb6u1.debian.tar.gz
 4ab6406703fc6715c5fabd03297c91eb0fc891047b901206a95c5ebebe14255e 3989552 wordpress_3.6.1+dfsg-1~deb6u1_all.deb
 6ccd3ff5259953fa791eb9a65c451821b9034a48bd6876fc147e17ec97b6ab81 8859512 wordpress-l10n_3.6.1+dfsg-1~deb6u1_all.deb
Files: 
 3de8613f1ab97dcbecbdf7a84f9cdada 1780 web optional wordpress_3.6.1+dfsg-1~deb6u1.dsc
 4fbd2c241f5d7075b115dfba1b130bfa 3214412 web optional wordpress_3.6.1+dfsg.orig.tar.xz
 ca958a33d1472d748eae52a79196df28 11013851 web optional wordpress_3.6.1+dfsg-1~deb6u1.debian.tar.gz
 3c2875f0b029dd6ce76b39897f548efc 3989552 web optional wordpress_3.6.1+dfsg-1~deb6u1_all.deb
 b55cd30ea279c0b1e1ea4653acf37391 8859512 localization optional wordpress-l10n_3.6.1+dfsg-1~deb6u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (GNU/Linux)

iQEcBAEBCgAGBQJSNB+wAAoJEG3bU/KmdcClzo4IAI9UtZkS10Tjjoe3ehtt23AM
7RLhZtTVAfwEWL/lvrpipE8Vajaef79eXH07F5PwXD9kATu6rU/10/ONUf3PCgXD
8Lw/+Rembm3aPacLnfz21t15Js6uQTWvdDn/JzcT/8MLsMrWI80jpgoVstqixpGL
gxRuRKNsZFirShDF4lSGLM3lEnRF1k0I9D3SlvcUJChuSKNhdLx7Q1YK2Hqx6JkB
V1fBnYq7RGLX8jyx6W/JuRQ7zd9JWeiwIBgDx0Hhbb2as2SSc0PuwI+o9YRW7vgz
Sze7jVqD/VgxounhEmEZ/fBLVVT6MtAjXH5LMlGcbHIINzsPJVjBjr+4Oa/d/is=
=r28f
-----END PGP SIGNATURE-----


Reply to: