-
wordpress (5.1.1+dfsg1-1) unstable; urgency=medium
* New upstream release
* Fixes XSS security hole in comments Closes: #924546
* Added new/better config example
-- Craig Small <email address hidden> Thu, 14 Mar 2019 22:10:00 +1100
-
wordpress (5.0.3+dfsg1-1) unstable; urgency=medium
* New upstream release
* Update to Debian standards 4.3.0
-- Craig Small <email address hidden> Tue, 05 Feb 2019 22:23:39 +1100
-
wordpress (5.0.2+dfsg1-1) unstable; urgency=medium
* New upstream release
-- Craig Small <email address hidden> Fri, 28 Dec 2018 16:00:13 +1100
-
wordpress (5.0.1+dfsg1-1) unstable; urgency=high
* New upstream source. fixes 7 Security issues Closes: #916403
- CVE-2018-20147
Delete files through altered meta data
- CVE-2018-20152
Create posts of unauthorized post types
- CVE-2018-20148
PHP object injection through crafted meta data
- CVE-2018-20153
Edit other users comments, leading to XSS
- CVE-2018-20150
XSS in plugins through crafted URL inputs
- CVE-2018-20151
User activation screen visible to search engines
- CVE-2018-20149
Bypass MIME verification causing XSS
* Themes: Remove twentyfifteen, add twentynineteen and make default
* Remove remote emojis
-- Craig Small <email address hidden> Sun, 16 Dec 2018 10:45:32 +1100
-
wordpress (4.9.8+dfsg1-1) unstable; urgency=medium
* New upstream source
Verify plugin uploads CVE-2018-14028 Closes: #906565
-- Craig Small <email address hidden> Tue, 21 Aug 2018 20:47:44 +1000