-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 02 Jun 2017 13:27:03 +0200 Source: wordpress Binary: wordpress wordpress-l10n Architecture: source all Version: 3.6.1+dfsg-1~deb7u15 Distribution: wheezy-security Urgency: high Maintainer: Giuseppe Iuculano <iuculano@debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files Changes: wordpress (3.6.1+dfsg-1~deb7u15) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * Backport security fixes from 4.7.5 to Wheezy. * CVE-2017-8295: Potential unauthorized password reset vulnerability. * CVE-2017-9061: A cross-site scripting (XSS) vulnerability exists when someone attempts to upload very large files. * CVE-2017-9062: Improper handling of post meta data values in the XML-RPC API. * CVE-2017-9063: A cross-site scripting (XSS) vulnerability in the customizer. * CVE-2017-9064: A Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog. * CVE-2017-9065: Lack of capability checks for post meta data in the XML-RPC API. Checksums-Sha1: 4640e3da2b4ff7cf618e096aadc2338bb0b5cfa3 2488 wordpress_3.6.1+dfsg-1~deb7u15.dsc 086e6b5013d416e6a8dadfb9e9b543806944a3a4 5243168 wordpress_3.6.1+dfsg-1~deb7u15.debian.tar.xz 73669d6700a1d3b58646d8459c6fe52b9c350f4a 3986270 wordpress_3.6.1+dfsg-1~deb7u15_all.deb d7cb1da0e202c54849c9b961b6ae7aa68a424458 8871430 wordpress-l10n_3.6.1+dfsg-1~deb7u15_all.deb Checksums-Sha256: b0761fd4ea9abc7b6f166d119dfe86965904aa9d29bef83af6fb6065569f922d 2488 wordpress_3.6.1+dfsg-1~deb7u15.dsc 2d8661fa5216f96b9f1903d2d0dc96a493c825239a0c84ea45c551a0a78db776 5243168 wordpress_3.6.1+dfsg-1~deb7u15.debian.tar.xz 4d0bface0b837da2d5f8b090019ac51ef896cf66af8aa613e2462cbe0d0d4f4f 3986270 wordpress_3.6.1+dfsg-1~deb7u15_all.deb 3c609e190e3e50da113f936c666cfa2fdbc8de542da67de5ab80ac39aebe2307 8871430 wordpress-l10n_3.6.1+dfsg-1~deb7u15_all.deb Files: 316cd02feb584dea66dc2ceff03b70d8 2488 web optional wordpress_3.6.1+dfsg-1~deb7u15.dsc 625f64e9d69679866d8fe8961b294c16 5243168 web optional wordpress_3.6.1+dfsg-1~deb7u15.debian.tar.xz 8d50b48552bc34d252825b4b0912a13c 3986270 web optional wordpress_3.6.1+dfsg-1~deb7u15_all.deb f2f4ba3b39f796017f55af2473cc80fa 8871430 localization optional wordpress-l10n_3.6.1+dfsg-1~deb7u15_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlkxVvtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk/zkP/R7ec1fKqyYcdlEfTx0n+NYFXOKNKFRjlrns xOMhXJl7glVdMNbj2KNywQcU6zQ3uoMVzhv/nkxx2EgxsrjNo4SY9YtTqOuOtgrQ kD3u4bXFacVRkqPCnaRRWp2w8ZH6z78krbwUBpWnh9pkdFyNpZVNya53EE9XTOqn A6KfoCfq431GhFL+D5wJjQQAK1F8ckEbxK8FunsbJWZFymicorV+whk8DCyLy16p /Lm5BgyxlPuL3GKnLZIW51QfdMHskR5hd63YE+ILFIkBS1TJtEPKdSkaqYU/ka3T U2Fy0p8wDa2y8n0SY49WmLfWrGZz6aqDJCt4IggSx5hL6F2UHhsO/NX2LhMgAwTE /sc6gtUeExY83jlDAX5+HGzdlIVHblAd/FekjEAL9OWzJAQuJow3YA1kwCkMZIUI gjATTC17OA1PT+8RFGtjaF0RDWdoT8FcpYF2QRmg0iF4Cf/Js68P4kgUq92eifaz tgOKEu4jZWUtV2/8IrgM/MmfQ/YkTSeP8XEsURoPK+6vfaArX05lC4YA8Nt4ge2+ rNDT1VjPkJkRiL9Dn8vJhNzR0jIx7QMwrG8z+1MSZjWSwuBbC73k9UX4ZcE6bA0Z HDVVl+XnImKBmVuOvZZbJig/xZGCPkepH6TTo8n6EBRpMO8WCvF41nBiyYcVEYQ3 w5Y6YI0W =sGvL -----END PGP SIGNATURE-----