tag 851310 pending
thanks
Hello,
Bug #851310 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
http://git.debian.org/?p=collab-maint/wordpress.git;a=commitdiff;h=9b06beb
---
commit 9b06bebf892a9edbc616e59cbc2e09db0a2f758f
Author: Craig Small <csm...@debian.org>
Date: Sat Jan 14 09:21:43 2017 +1100
changelog: update to 4.7.1
diff --git a/debian/changelog b/debian/changelog
index a77e0d9..c514221 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+wordpress (4.7.1+dfsg-1) UNRELEASED; urgency=high
+
+ * New upstream release fixes 8 security issues, Closes: #851310
+ - Cryptographically Weak Pseudo-Random Number Generator
+ - Accessibility Mode Cross-Site Request Forgery (CSRF)
+ - Post via Email Checks mail.example.com by Default
+ - Stored Cross-Site Scripting (XSS) via Theme Name fallback
+ - Cross-Site Request Forgery (CSRF) via Flash Upload
+ - Authenticated Cross-Site scripting (XSS) in update-core.php
+ - User Information Disclosure via REST API
+ - Potential Remote Command Execution (RCE) in PHPMailer
+
+ -- Craig Small <csm...@debian.org> Sat, 14 Jan 2017 08:38:10 +1100
+
wordpress (4.7+dfsg-2) unstable; urgency=medium
* Add virtual-mysql-* as an option Closes: #847597
