1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted wordpress 5.7.8+dfsg1-0+deb11u1 (source all) into proposed-upd

    From Debian FTP Masters@21:1/5 to All on Sat Nov 19 20:50:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Mon, 24 Oct 2022 21:17:07 +1100
    Source: wordpress
    Binary: wordpress wordpress-l10n wordpress-theme-twentynineteen wordpress-theme-twentytwenty wordpress-theme-twentytwentyone
    Architecture: source all
    Version: 5.7.8+dfsg1-0+deb11u1
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Craig Small <csmall@debian.org>
    Changed-By: Craig Small <csmall@debian.org>
    Description:
    wordpress - weblog manager
    wordpress-l10n - weblog manager - language files
    wordpress-theme-twentynineteen - weblog manager - twentynineteen theme files
    wordpress-theme-twentytwenty - weblog manager - twentytwenty theme files
    wordpress-theme-twentytwentyone - weblog manager - twentytwentyone theme files Closes: 1007005 1018863 1022575
    Changes:
    wordpress (5.7.8+dfsg1-0+deb11u1) bullseye-security; urgency=high
    .
    * WordPress 5.7.6 backport of patches from 5.9.2 Closes: #1007005
    * WordPress 5.7.7 backport of patches from 6.0.2 Closes: #1018863
    - Possible link SQL injection within the Link API
    - XSS in Plugins screen
    - Output escaping issue within the_meta()
    * Wordpress 5.7.8 backport of patches from 6.0.3 Closes: #1022575
    - Stored XSS via wp-mail.php (post by email)
    - Open redirect in `wp_nonce_ays`
    - Sender’s email address is exposed in wp-mail.php
    - Media Library – Reflected XSS via SQLi
    - CSRF in wp-trackback.php
    - Stored XSS via the Customizer
    - Stored XSS in WordPress Core via Comment Editing
    - Data exposure via the REST Terms/Tags Endpoint
    - Content from multipart emails leaked
    - SQL Injection due to improper sanitization in `WP_Date_Query`
    - RSS Widget: Stored XSS issue
    - Stored XSS in the search block
    - Feature Image Block: XSS issue
    - RSS Block: Stored XSS issue
    - Fix widget block XSS
    Checksums-Sha1:
    8a24c12fa6495971f13d0cc95b9137b1bf4a0fe0 2424 wordpress_5.7.8+dfsg1-0+deb11u1.dsc
    2ef14f4d9ba1add1470bf544bb4d3c337303507c 11490472 wordpress_5.7.8+dfsg1.orig.tar.xz
    9fd8204a5d726128191afbe9a9d6ef3c9c3e7527 6825640 wordpress_5.7.8+dfsg1-0+deb11u1.debian.tar.xz
    764bf5625a15718a85209f2b20ecccb9d50cc559 4367604 wordpress-l10n_5.7.8+dfsg1-0+deb11u1_all.deb
    88f80629fc0007584cae2797e282a811b747e049 484420 wordpress-theme-twentynineteen_5.7.8+dfsg1-0+deb11u1_all.deb
    65c4208bb78cf4802f7a1744a98ee4d5496072f1 756868 wordpress-theme-twentytwenty_5.7.8+dfsg1-0+deb11u1_all.deb
    306e315caebf2fbe130d71ac08692d62405c898b 2569952 wordpress-theme-twentytwentyone_5.7.8+dfsg1-0+deb11u1_all.deb
    6e850ae3fad326bd9c7f17bafa3ecec46bd60ef2 7769372 wordpress_5.7.8+dfsg1-0+deb11u1_all.deb
    a44832de41f96d07db981b26d2f06c4add8b9d25 7926 wordpress_5.7.8+dfsg1-0+deb11u1_amd64.buildinfo
    Checksums-Sha256:
    d2db41ab0fc0362b0356ae117eccf23275439f81b2d19883569cacce2f286bc8 2424 wordpress_5.7.8+dfsg1-0+deb11u1.dsc
    e9ff53bf3935963acfa14b02ad79b98340251e8fa2286e84353ad2fa6b4e982c 11490472 wordpress_5.7.8+dfsg1.orig.tar.xz
    71e519b00c0938703a9734a8e59ed399d66adff7781e17ed6ade11d29a0c7f32 6825640 wordpress_5.7.8+dfsg1-0+deb11u1.debian.tar.xz
    f0bb012e0c091db3a8eaacb2541577f95d6feaec756d19add00430c486fd1aaa 4367604 wordpress-l10n_5.7.8+dfsg1-0+deb11u1_all.deb
    a58eeb86e4dae4655c055c58851f57b520e11c24dedaece3bfec7ff325358f75 484420 wordpress-theme-twentynineteen_5.7.8+dfsg1-0+deb11u1_all.deb
    6cea0c7cf2a8fa30e4bfa303ac6a6738bd6a15bb1c324f722a50699a2f5bfa5a 756868 wordpress-theme-twentytwenty_5.7.8+dfsg1-0+deb11u1_all.deb
    3c8a544c36c1f21b697b409e81868f072c657f3bb04f95198bd482ad68233e63 2569952 wordpress-theme-twentytwentyone_5.7.8+dfsg1-0+deb11u1_all.deb
    0edc246e2baf8de67ed1b257ac4ce3ff31860ccc1344dd1bbb038441d0ce9149 7769372 wordpress_5.7.8+dfsg1-0+deb11u1_all.deb
    7bbf13f2223e62feaa0653a43374895b474526d95265ef6a230c08a1143c4d54 7926 wordpress_5.7.8+dfsg1-0+deb11u1_amd64.buildinfo
    Files:
    2c0cb2965005d7400f3edcb36a77fa99 2424 web optional wordpress_5.7.8+dfsg1-0+deb11u1.dsc
    23282d7c572ae13f0f02bca67d57abd0 11490472 web optional wordpress_5.7.8+dfsg1.orig.tar.xz
    f2954f5d8ea4a0fc4e4ab57df6340eb0 6825640 web optional wordpress_5.7.8+dfsg1-0+deb11u1.debian.tar.xz
    3db6b2ed409ccd1c5e069bc8c76d302c 4367604 localization optional wordpress-l10n_5.7.8+dfsg1-0+deb11u1_all.deb
    e559c330d5c4b80c6100f14551e4fd3a 484420 web optional wordpress-theme-twentynineteen_5.7.8+dfsg1-0+deb11u1_all.deb
    fc53adb8bda2803071c325a7d131667d 756868 web optional wordpress-theme-twentytwenty_5.7.8+dfsg1-0+deb11u1_all.deb
    8dcd1e7efcc05c386706283c4ec15157 2569952 web optional wordpress-theme-twentytwentyone_5.7.8+dfsg1-0+deb11u1_all.deb
    22d9bf63da45ea6962e98fbe1d7e9881 7769372 web optional wordpress_5.7.8+dfsg1-0+deb11u1_all.deb
    1edcab5865898b7ef8da3f39989779de 7926 web optional wordpress_5.7.8+dfsg1-0+deb11u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAmNzZWcACgkQAiFmwP88 hOOqzg//cKMlv+/XWIFRslMlbE9mEvCx440g1t85dJwQssVgPRAGzhLl1k+GsB+W G87YdMDwkaTNNpK3w2nPqolRAGYzkcu71ZELWO4MoyocS3+Xt4dEPmjcReheQklQ DN8ukTn0c9nEDu9gwcs6FXlMUu24fhxhaT8Mn5QCGwPWWLwh7lqgNSs06aP4nfJh EuGoUgLKA0zk8fTG6Iwgos3gPTSagxI5mlrmIziBTTyb56JD3biOSJk6CpTCxshM PMUwoPoVrg8GI+cLAhjDngwbjQo5MItge10QcStEibD/rKEaVM1a9D6h+I/8s3bE W+JKapWsIzA7GlVj6z/wbXyIDOfFT5iOmps83ZZdVRHxzAl5fxkxG7zmcsAKTJep WCccjTvzZsn+2o2GXtnmYLNBjcsxdD/uNnNOxRgWqFsYsrbjakQjoTAz+YZJ02Ge FoSzc0S21up/59Bjwv2aMArDFaCVVnnuuva0TrMsEbEbjj0lfCWHDPlwKDQ1Ddz9 C+bApvEvjvz7kQ1BqIKCY7TtdAVY20Cg9/hdAbr0IEDwq5lGXi32NmPgsrHzndxw qVw3jC8ptKABl8hrmWwkIpkRL3asQNcwRNFV0QnaRQT9fS9z7AHIaoSN6Jr3/CPj Y4mS/H+rSWsqjz22f6H6SUoc8JqkrmOS0tLzjdE+z1G7IaqRW14=
    =LC2P
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)