Accepted wordpress 3.6.1+dfsg-1~deb6u6 (source all) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 01 Jun 2015 13:07:25 +0200
Source: wordpress
Binary: wordpress wordpress-l10n
Architecture: source all
Version: 3.6.1+dfsg-1~deb6u6
Distribution: squeeze-lts
Urgency: medium
Maintainer: Giuseppe Iuculano <iuculano@debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Description:
wordpress - weblog manager
wordpress-l10n - weblog manager - language files
Closes: 770425 783347 783554
Changes:
wordpress (3.6.1+dfsg-1~deb6u6) squeeze-lts; urgency=medium
.
[ Mike Gabriel ]
* Non-maintainer upload by the Squeeze LTS Team.
+ Backport patch set from wordpress in Debian wheezy
(3.6.1+dfsg-1~deb7u5 and 3.6.1+dfsg-1~deb7u6).
+ For details, see below.
.
[ Craig Small ]
* From 3.6.1+dfsg-1~deb7u6...
* Backports of 4.1.2 security fixes (CVE-2015-3438, CVE-2015-3439).
(Closes: #783347).
- Changeset 32163 sanity checks
- Changeset 32165 sanitize order by
- Changeset 32174 multisite change extra checks
- Changeset 32176 Dashboard escapes titles
- Changeset 32234 More WPDB query sanity
* Backport of 4.2.1 for security fixes Closes: #783554
- Changeset 32307: XSS for long 64k+ comments (CVE-2015-3440).
* Changeset 32172 NOT applied as bug introduced later.
.
* From 3.6.1+dfsg-1~deb7u5...
* Backport patches for 3.7.4->3.7.5 (Closes: #770425).
- CVE-2014-9031 XSS in wptexturize() via comments or posts
- CVE-2014-9033 CSRF in the password reset process
- CVE-2014-9034 Denial of service for giant passwords
- CVE-2014-9035 XSS in Press This
- CVE-2014-9036 XSS in HTML filtering of CSS in posts
- CVE-2014-9037 Hash comparison vulnerability in old passwords
- CVE-2014-9038 SSRF: Safe HTTP requests did not sufficiently block
the loopback IP address space
- CVE-2014-9039 Email address change didn't invalidate previously sent
password reset
Checksums-Sha1:
8579908c887fbf54853c35656000f252b859ad5f 2194 wordpress_3.6.1+dfsg-1~deb6u6.dsc
d6c057f370bbe0e14a4e401e0f4af4ca0f39900b 11018022 wordpress_3.6.1+dfsg-1~deb6u6.debian.tar.gz
f47b685b0549607a5ed361883932d563b802ee7a 3992404 wordpress_3.6.1+dfsg-1~deb6u6_all.deb
fa08938e7c79647ed5b81431794b566afb2c717e 8869726 wordpress-l10n_3.6.1+dfsg-1~deb6u6_all.deb
Checksums-Sha256:
0973d67ec3bfb3d5640f40d4f05720cb9312c83ff170e4bbdd5c84375bed5928 2194 wordpress_3.6.1+dfsg-1~deb6u6.dsc
313a26e3b23acc805c883faacdc70dcbd7388478ba07fb76312c7a2b12bd8e1f 11018022 wordpress_3.6.1+dfsg-1~deb6u6.debian.tar.gz
877e790334675ee6e77d4e130d61cd381e260ae724ccf30996994ac19a70d490 3992404 wordpress_3.6.1+dfsg-1~deb6u6_all.deb
e72c9b4bb1985a04ae0b6006faba85184d031f6758d1914956d8f6f31dd39071 8869726 wordpress-l10n_3.6.1+dfsg-1~deb6u6_all.deb
Files:
83ee2d80c631c8506d121dc0fc2b0c28 2194 web optional wordpress_3.6.1+dfsg-1~deb6u6.dsc
166957d040da2b4a989d6574070ac6bf 11018022 web optional wordpress_3.6.1+dfsg-1~deb6u6.debian.tar.gz
bb6760d7fd9db4ae24c253739e02e445 3992404 web optional wordpress_3.6.1+dfsg-1~deb6u6_all.deb
2c0ca74294de6264aa48e4fe63d14d34 8869726 localization optional wordpress-l10n_3.6.1+dfsg-1~deb6u6_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJVbEIrAAoJEJr0azAldxsx3mQQAJwp+0XGRI2IdL3ObCKd2ic3
3iqRo2EcQME9z8+KI1uDXzLNa+1GFAUW1WiqzIetvcrNAIz9YVt7DGVaL6SZQSQu
adZcHsXgtw/+NJBiqx6Nfjk6Uo6Xh7WMBhHVwt2QpHIt5I7xKK6RWN3aiXdNOuGq
lYqvGZt/TAu5FiPU09iUqp5OcflcCVnHvRm/d/UwU20cS43voYvhrhj3kXXqOMyV
x3uuAC/Uz9Lp64WO+FDFH+skIAUV4zTQw0auQCefOF+vNjvcWezUiDTfez0t0XUv
yLNHFM/w1Heu4ZOaOC+ntO3hyJzyEFTqFpoPu9d2ilM5KGQcqn4vEXHIyEA0pwD7
a++5v+S9Q+ELwc1LUKEElv7gOu0NTk2+cHk0IQ2b2CcANu+I43vXN313Vhua/TF4
sYIp8Q7hv52fpgtWeaCGhZZPdUC65D8Z28pBFcIjNZek8JMH++m9s9r3yx4xHSqT
b3s1lsVWGfa4ZC2XjVF7FPrAb2b1g+ld7TG7f+N4NEV2hJN+DKKeU/GZZREm/o4t
AocQcqmJsxi0KGSZCXbqZTvTCyT6WOuVU6sWPvypKuEJuUvO48ZOdDFCqzbPUyqp
DUdPqPShD5qdDgEghug+7dbcoc+yF6t5Zzo7f308O/acIJnHAMknAC23Z3Sj7TA3
6vuQhTo9ij4MxEOZGb/m
=ylZN
-----END PGP SIGNATURE-----
Reply to: