Your message dated Thu, 17 Oct 2019 11:06:07 +0000 with message-id <e1il3bb-0009g9...@fasolo.debian.org> and subject line Bug#942459: fixed in wordpress 5.2.4+dfsg1-1 has caused the Debian Bug report #942459, regarding wordpress: WordPress 5.2.4 Security Release to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 942459: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942459 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: wordpress Version: 5.2.3+dfsg1-1 Severity: grave Tags: security upstream Justification: user security hole Hi Craig, See https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ As in previous rounds, could you please requests the CVEs as neededfor the found issues? Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: wordpress Source-Version: 5.2.4+dfsg1-1 We believe that the bug you reported is fixed in the latest version of wordpress, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 942...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Craig Small <csm...@debian.org> (supplier of updated wordpress package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 17 Oct 2019 21:32:54 +1100 Source: wordpress Architecture: source Version: 5.2.4+dfsg1-1 Distribution: unstable Urgency: high Maintainer: Craig Small <csm...@debian.org> Changed-By: Craig Small <csm...@debian.org> Closes: 942459 Changes: wordpress (5.2.4+dfsg1-1) unstable; urgency=high . * Security release, fixes several issues Closes: #942459 - Stored XSS in the Customizer - Viewing unauthenticated posts - Stored XSS to inject ajavascript into style tags - Poisoning JSON GET requests - SSRF in URL vaidation - Referer validation in admin screens Checksums-Sha1: 6b6684e8d4476b5cd8eea842e525c0e413a5874a 2442 wordpress_5.2.4+dfsg1-1.dsc 65aa5a0a9bfcb2820f8fbf143b31e86bc5a5aca2 7917816 wordpress_5.2.4+dfsg1.orig.tar.xz e37e7d934355f978ef62e68a8ce66b48e44a17c0 6819540 wordpress_5.2.4+dfsg1-1.debian.tar.xz 9a6f0d70391ae1cbfb86dab7aeb681e797f528ed 7145 wordpress_5.2.4+dfsg1-1_amd64.buildinfo Checksums-Sha256: 566050183428aca02c95a564d812fe684eea669392b5821ac77f74e01deac2d2 2442 wordpress_5.2.4+dfsg1-1.dsc 7429c65f72049ad127667f54efe2d49da0432e6704bc141a7af78ac574f9e6bb 7917816 wordpress_5.2.4+dfsg1.orig.tar.xz e552594a0b5207152429c081c57d29425cf32d9e88cc02c6bd9d12f57804f0a9 6819540 wordpress_5.2.4+dfsg1-1.debian.tar.xz 9b2e09d526d0e6a2fa161a0c476c0b81d1ce03db4d23111914c5e0cbe64f0130 7145 wordpress_5.2.4+dfsg1-1_amd64.buildinfo Files: 53542f2f1234479c182f0d9790c06996 2442 web optional wordpress_5.2.4+dfsg1-1.dsc 5efc0d0d50bba1ebfe980dab89d7b166 7917816 web optional wordpress_5.2.4+dfsg1.orig.tar.xz 06322b3f63871ef0cd76e227d1c76cb8 6819540 web optional wordpress_5.2.4+dfsg1-1.debian.tar.xz 176834db47a6b5456478c841113005d0 7145 web optional wordpress_5.2.4+dfsg1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAl2oRG8ACgkQAiFmwP88 hON58A//bONg9PHSbThjB37e9mKPjVkitfz187x9exr3NV5pyHB/WmLopUjwrBx/ /Or9UWlHgY5ggDn1u2DPFXygOnr44+SffOJPGx6EDruJ83AZEBX3EQi6nkd1t4Dz NU5hMxOAaJK/BifSMNsuBq69t4/nFJY9cEp+M8wYjbc5Wn5TzYJfZE2eJfCCpu2I migLm046/A5JvHM9d9BmbUUBVbmyABvycsICPcHF6wAvSWPp1LOqm/kANhtBkcym tz6KGqlUOGS6AyYjZ/2Kt2/IaCmbKBlyMdJ/T8bAzkqbmQtO01i6pqoiN2QHA4Ij LKJazdhQL2V8n0ad+9OBMQEyRp/Ldyjo6iU0xdPyvr9qzaN4z8TueIjpbuC0p7FG ILO0sruGXvlgB8WH373Xyrmp6L7jnafC5IupdlI4NiPq9IGj43hMulz0sIplt9Y/ HSAEE4A4nAmr4207ZiVysIkezUGmyUPSDsgJxYEzp+3h3oeVGoubbQa3S7oAREJp LngHf4nB+9eUfITxofQt2VTgN2UwGVIX8X6k5zIUmj/nSeFBIpYu/vo98LEBpaFD /VzUWFO8mj6M5pqldgjNIaGsbk8vGha0vG/NsdIo9U/SsR/P8LWIkEImL8+UQrQF dfQqBdWdofodQ9oIQvOaC1pYEirKmzC2hNtGe8HH0kn5DaaYKMk= =0L+e -----END PGP SIGNATURE-----
--- End Message ---
