wordpress 4.7.5+dfsg-2+deb9u2 source package in Debian
Changelog
wordpress (4.7.5+dfsg-2+deb9u2) stretch-security; urgency=high
* Backport security patches from 4.9.1 Closes: #883314
- CVE-2017-17091
Use a properly generated hash for the newbloguser key instead
of a determinate substring.
Changeset 42272
- CVE-2017-17092
Remove the ability to upload JavaScript files for users who
do not have the unfiltered_html capability
Changeset 42275
- CVE-2017-17093
Add escaping to the language attributes used on html elements
Changeset 42273
- CVE-2017-17094
Ensure the attributes of enclosures are correctly escaped in
RSS and Atom feeds
Changeset 42274
* Also backport patch for $wpdb->prepare CVE-2017-16510
Closes: 880528
-- Craig Small <email address hidden> Thu, 04 Jan 2018 18:19:44 +1100
Upload details
- Uploaded by:
- Craig Small
- Uploaded to:
- Stretch
- Original maintainer:
- Craig Small
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| wordpress_4.7.5+dfsg-2+deb9u2.dsc | 2.5 KiB | 1d2f5008528222dbf7c14a7f31ea487779adbc51b52bb73996b945566c72dcfd |
| wordpress_4.7.5+dfsg.orig.tar.xz | 6.0 MiB | a21bc1f4042bbd77eb1ddef2cdcd3fb60f121835cf5d219a6e12a2d06a839b7f |
| wordpress_4.7.5+dfsg-2+deb9u2.debian.tar.xz | 6.5 MiB | a20936583082cdd5919e0b8c204c74007d8588ce2b60f96e07a6a7e843af1b74 |
No changes file available.
