Debian
wordpress package

wordpress 3.6.1+dfsg-1~deb7u5 source package in Debian

Changelog

wordpress (3.6.1+dfsg-1~deb7u5) wheezy-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Backport patches for 3.7.4->3.7.5 Closes: #770425
  * The patches fix the following security bugs:
    - CVE-2014-9031 XSS in wptexturize() via comments or posts
    - CVE-2014-9033 CSRF in the password reset process
    - CVE-2014-9034 Denial of service for giant passwords
    - CVE-2014-9035 XSS in Press This
    - CVE-2014-9036 XSS in HTML filtering of CSS in posts
    - CVE-2014-9037 Hash comparison vulnerability in old passwords
    - CVE-2014-9038 SSRF: Safe HTTP requests did not sufficiently block
      the loopback IP address space
    - CVE-2014-9039 Email address change didn't invalidate previously sent
      password reset

 -- Craig Small <email address hidden>  Wed, 03 Dec 2014 17:49:41 +1100

Upload details

Uploaded by:
Giuseppe Iuculano
Uploaded to:
Wheezy
Original maintainer:
Giuseppe Iuculano
Architectures:
all
Section:
web
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
wordpress_3.6.1+dfsg-1~deb7u5.dsc 2.3 KiB ca1357404b89b5e5d9062d658bce22b1d86d1c385c8f0ab8318435ad8abe1545
wordpress_3.6.1+dfsg.orig.tar.xz 3.1 MiB 20714525a688eadd649e2e497b4cd300870445867e1f8b3305b49da5ca55b50d
wordpress_3.6.1+dfsg-1~deb7u5.debian.tar.xz 5.0 MiB 4ffaeaf4766edd68478f8a9e2d6aa5182a6265b1c79ff27525651b01083503a0

No changes file available.

Binary packages built by this source