-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 05 Aug 2015 22:44:20 +1000 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen Architecture: source all Version: 4.1+dfsg-1+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Craig Small <csmall@debian.org> Changed-By: Craig Small <csmall@debian.org> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files Closes: 794548 794560 Changes: wordpress (4.1+dfsg-1+deb8u4) jessie-security; urgency=high . * Rework changeset 33359 reliable shortcodes CVE-2015-5622 Closes: #794548 * Backports of 4.2.4 security fixes Closes: #794560 * Changeset 33555 SQL Injection CVE-2015-2213 * Changeset 33535 fixes timing attack CVE-2015-4730 * Changeset 33542 prevent posts lock attack CVE-2015-5731 * Changeset 33529 XSS widget title CVE-2015-5732 * CVE-2015-5733: Not vulnerable CS32176 fixes this * Changeset 33549 theme preview XSS CVE-2015-5734 Checksums-Sha1: f79d291d8ea25cd90919437fb9d1fecebc9768e4 2533 wordpress_4.1+dfsg-1+deb8u4.dsc bfdb4cc4aa0eae23804b1a8ee71f792c997d3d97 6115692 wordpress_4.1+dfsg-1+deb8u4.debian.tar.xz 4da3b3fcd173abcc09be8bffdc25f39cdc3f0c09 3169256 wordpress_4.1+dfsg-1+deb8u4_all.deb 07de63d883a9bbd8e503ca1fa4ec43b7e3e31a7f 4238128 wordpress-l10n_4.1+dfsg-1+deb8u4_all.deb 86fdf39805e883e07ea416ca00cffbb5f629f7ed 501258 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u4_all.deb 4498803c95deeac8a4662f3f434419722523e3da 800496 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u4_all.deb f229a6408dcdfc1809e7da6cf3f9ea920b887c64 320176 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u4_all.deb Checksums-Sha256: 590770aac3643a3c70d6760dea42a6f1660596b20ed4644565a00572d008d0cf 2533 wordpress_4.1+dfsg-1+deb8u4.dsc 402c78945d133e2ef70997bcea91ca4cca35c7205136d912a2bf991031208549 6115692 wordpress_4.1+dfsg-1+deb8u4.debian.tar.xz 919855f09b3939be8579f6ea1c0480fd67fddcff916ed94317584013942f7e2f 3169256 wordpress_4.1+dfsg-1+deb8u4_all.deb cb644fde09ae496095980675d12224c1333bdc6e18b68099439fb42951470469 4238128 wordpress-l10n_4.1+dfsg-1+deb8u4_all.deb a010c3ce64fd0255967a37afd2d02a43a028cd42ec9ce5d69c57e063a36916b0 501258 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u4_all.deb 2078722937f448efabe2755606ce3d337fa129f308b0fd99f42eab5c7c6adc2f 800496 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u4_all.deb 8dc189d0d2ac605b7e758836a7d78327a2b2e48c24aae520e0cc0d30062a9b77 320176 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u4_all.deb Files: 577746706fa21996e2f64ec47f3620f0 2533 web optional wordpress_4.1+dfsg-1+deb8u4.dsc c17f0ebbdeab000ac072f8e9d2f726bc 6115692 web optional wordpress_4.1+dfsg-1+deb8u4.debian.tar.xz 685383657bfab41737b032b350e22d98 3169256 web optional wordpress_4.1+dfsg-1+deb8u4_all.deb 407c02c26d6a7bd2d9c96a09465cdaed 4238128 localization optional wordpress-l10n_4.1+dfsg-1+deb8u4_all.deb 5537c91245c51ed0f2653a5f396d5cf4 501258 web optional wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u4_all.deb df1b7a1f1b49a6f1963a5ae6c39c7915 800496 web optional wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u4_all.deb 2b6800b84f2c25b53df56f80c605f67e 320176 web optional wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVycsYAAoJEDk4+WvfUP6lEU8QAICteXJSBqZOrZtZE9JSn5T6 nN3LpWJJ7y8VudjblT1iDFNyMp0Gm9gtmf2VbFb8+q0Oh+RoYAvW5JdxezEzdGhL A7k1eBO16fEXSA4mv6JOWyRjWoVigfvlk2X/q4Q9iA5XC7Rt1kCv5gdFUsSqD9Dr Di68T+usZZA0O/TLa/PqYBoXIXKzXN7kma/udnf8hrVQpPuZK1Wq0J4ArkAHLQ17 RsiM24luhAzKgesifVwXEHBdSjlBB6vsxYiAoj8VbywZOMDyFlWeIv1OqJoMw3mE IATjDNOKzjAbSFtlY22vv4hX3fLMQI5HdgoTtxpPEicJqSZzbeXfMDGjvBTbmMuT kgqDFMsMNBfrdjQIhZRyHcIZKJRHDPxM/WddbwDq9vaKDxmuztAa4lmQgyGj24ps VJI8dQtSrfo1Ijcp0CCMPds68JIc+ApUQCxGO7s5GFisSDC6i2ftttKOi7+D1yv6 YGJ4nSnlynuTmaZOe1pYnj+D8/hRxFz+RjyoW8YOtxwK14/Vw3keA25mA/po5KeD ajD2h8vDAF04vBUhRoG36Tv3pgHa56NdbxflAS8DXoPlHVHwqwTkZTl8ZcyvR70M 6RE4wz279vZV/bq1JfZmbaCxJt+4uHahfRGNjyevGYQ3GJ+ucZ95NiHXhRKhG+fo 4vXruUoRZMQ24Ap0ahA4 =omlP -----END PGP SIGNATURE-----