-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: wordpress Binary: wordpress, wordpress-l10n, wordpress-theme-twentyfifteen, wordpress-theme-twentyfourteen, wordpress-theme-twentythirteen Architecture: all Version: 4.1+dfsg-1+deb8u4 Maintainer: Craig Small <[email protected]> Homepage: http://wordpress.org Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/wordpress.git Vcs-Git: git://anonscm.debian.org/collab-maint/wordpress.git Build-Depends: debhelper (>= 9), dh-linktree Build-Depends-Indep: gettext, libjs-backbone, libjs-cropper, libjs-jquery (>= 1.6.1), libjs-jquery-form, libjs-jquery-ui (>= 1.8.1), libjs-mediaelement, libjs-prototype, libjs-scriptaculous, libjs-swfobject, libjs-underscore, libphp-phpmailer (>= 5.1), php-getid3 (>= 1.9.8-2), perl, tinymce (>= 3.4.2) Package-List: wordpress deb web optional arch=all wordpress-l10n deb localization optional arch=all wordpress-theme-twentyfifteen deb web optional arch=all wordpress-theme-twentyfourteen deb web optional arch=all wordpress-theme-twentythirteen deb web optional arch=all Checksums-Sha1: 0b105e79723c1f1c16764eb98122ed426f738940 4749996 wordpress_4.1+dfsg.orig.tar.xz bfdb4cc4aa0eae23804b1a8ee71f792c997d3d97 6115692 wordpress_4.1+dfsg-1+deb8u4.debian.tar.xz Checksums-Sha256: 11ca9ce2f5b05866df9521a50b8be22ac2315f652aa95ba49bdb202c5dda4954 4749996 wordpress_4.1+dfsg.orig.tar.xz 402c78945d133e2ef70997bcea91ca4cca35c7205136d912a2bf991031208549 6115692 wordpress_4.1+dfsg-1+deb8u4.debian.tar.xz Files: 90db367f6588135c80a22a91e1c42fcd 4749996 wordpress_4.1+dfsg.orig.tar.xz c17f0ebbdeab000ac072f8e9d2f726bc 6115692 wordpress_4.1+dfsg-1+deb8u4.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVycsUAAoJEDk4+WvfUP6lp9YQAJWq45TCX9uIpIJ7ACOQzt4G C43D8qlKmfDfQR1CD5NmNMnQECMDGgNONvrAnN/fWgNQg0b5wyJkMt43Sz1qbGvN uT/oS9xIspk9qq0ZbiJhzRL5Q3bOdb0Oyxrk/ML8voWyRrI1hPqCYCCyLhyhzrK0 TdSsyOw13rMrxPOY7ZtAfvHk+x2Zv1bqPRY0GhJTjqyxNW4gXjoWLXksc/6HcsTL 5cdmd/WuhVdBC0Fe7N//xzCk+kdEWFrWTGTzw2XU5HKnCshIgwxmA/lI+KoYN1yW hyL4xLPSwJ++pZtRgdLGE2+Da7h1bvD2vEgy5RyzxciEIkjzZ5hVXDlXLKkOZ3fR sdldtTuhnavigS1GIuR8L1Cho9HKkkt4tYELN0U5vhOrRKY5otKm4n/KsVzrLOyw +6KCA+/SetI/LTJ/Nnxlt/i4PnrPjEyF0Talg8OuiSXnGy0VyMztguT0T/TS1V9m Wt+Uj//ahb0AO4Mi0t1xyLQhR/NfredrWVO4XSg48GgXPlaA3mmo0EtcFicPa9pT E16pr/TpM1k+5jCJfZUwMkUfTJrHsZ+ls6cKt08pKDxzXnnsVrx88eMfKinsWGb0 fMDSoR3m/XjEKP/Otckf8ajpxrdf5mE+MM648tOBawF/Z9w+5Qse5ly402w7GmtS HDy9UqsiNGJ61ZJPvlOv =vECE -----END PGP SIGNATURE----- Changes: wordpress (4.1+dfsg-1+deb8u4) jessie-security; urgency=high * Rework changeset 33359 reliable shortcodes CVE-2015-5622 Closes: #794548 * Backports of 4.2.4 security fixes Closes: #794560 * Changeset 33555 SQL Injection CVE-2015-2213 * Changeset 33535 fixes timing attack CVE-2015-4730 * Changeset 33542 prevent posts lock attack CVE-2015-5731 * Changeset 33529 XSS widget title CVE-2015-5732 * CVE-2015-5733: Not vulnerable CS32176 fixes this * Changeset 33549 theme preview XSS CVE-2015-5734 -- Craig Small <[email protected]> Wed, 05 Aug 2015 22:44:20 +1000
