-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 15 Aug 2009 13:34:19 +0200 Source: wordpress Binary: wordpress Architecture: source all Version: 2.5.1-11+lenny1 Distribution: stable-security Urgency: high Maintainer: Andrea De Iacovo <andrea.de.iacovo@gmail.com> Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it> Description: wordpress - weblog manager Closes: 531736 531736 536724 Changes: wordpress (2.5.1-11+lenny1) stable-security; urgency=high . * [27cfd35] Fixed CVE-2008-6762: Force redirect after an upgrade (Closes: #531736) * [ac2490b] Fixed CVE-2008-6767.dpatch: Only admin can upgrade wordpress.(Closes: #531736) * [0ffcaaf] Fixed CVE-2009-2334 and CVE-2009-2854: Added some CYA cap checks (Closes: #536724) * [12717df] Fixed CVE-2009-2851: Sanitize HTML URLs in author comments * [d321ea7] Fixed CVE-2009-2853: Stop direct loading of files in wp-admin that should only be included Checksums-Sha1: f3012344a6557c1e151eb73c9a8675f17d615c84 1051 wordpress_2.5.1-11+lenny1.dsc 4a8d82e9a80bc5b5c1c251e00296e93dbb364829 1181886 wordpress_2.5.1.orig.tar.gz ab98b6e0f13f2393afd049f82e7d694547712bf0 702119 wordpress_2.5.1-11+lenny1.diff.gz d9c0c7d766544efe2edb7135f0712ac568ec1d5a 1029028 wordpress_2.5.1-11+lenny1_all.deb Checksums-Sha256: e473763e11e15324bc6d142adbf57af75ae63979ea3d81c41ff44d70eac8d39d 1051 wordpress_2.5.1-11+lenny1.dsc 3ac5b9287d61ff90f9e1f5790dcfeda490b2da21b5af9098b2f76c3e8059057b 1181886 wordpress_2.5.1.orig.tar.gz a43fff5f077001d4a3aadd1046f25ec2cb3efc488a85c8e90981167963c0fe82 702119 wordpress_2.5.1-11+lenny1.diff.gz 9c923a31537fe1db6b9154215663c91b915b903d056085066925c9763560fcf8 1029028 wordpress_2.5.1-11+lenny1_all.deb Files: 46d9daad717f36918e2709757523f6eb 1051 web optional wordpress_2.5.1-11+lenny1.dsc b1a40387006e54dcbd963d0cb5da0df4 1181886 web optional wordpress_2.5.1.orig.tar.gz 07658ad36bed8829f58b1b6223eac294 702119 web optional wordpress_2.5.1-11+lenny1.diff.gz 2d30e38e22761f87e23d2c85120bb1ff 1029028 web optional wordpress_2.5.1-11+lenny1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqN5K0ACgkQ62zWxYk/rQfAfACgqEvVSiSmGfpFdzc4zPhikzbM gbQAoKJiSQEbbzMMaDv90Kk7rWbfmNhy =lH4H -----END PGP SIGNATURE----- Accepted: wordpress_2.5.1-11+lenny1.diff.gz to pool/main/w/wordpress/wordpress_2.5.1-11+lenny1.diff.gz wordpress_2.5.1-11+lenny1.dsc to pool/main/w/wordpress/wordpress_2.5.1-11+lenny1.dsc wordpress_2.5.1-11+lenny1_all.deb to pool/main/w/wordpress/wordpress_2.5.1-11+lenny1_all.deb