Your message dated Wed, 29 Dec 2010 20:06:51 +0000
with message-id <[email protected]>
and subject line Bug#605603: fixed in wordpress 2.5.1-11+lenny4
has caused the Debian Bug report #605603,
regarding wordpress: Author level SQL injection vulnerability fixed in 3.0.2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
605603: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605603
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: wordpress
Version: 3.0.1-2
Severity: grave
Tags: security
Justification: user security hole
3.0.2 includes an update which appears to fix an SQL injection attack:
<http://codex.wordpress.org/Version_3.0.2>
<http://core.trac.wordpress.org/changeset/16625>
This looks worthy of an update for squeeze. Note that the other updates
in 3.0.2 also include various security hardening issues so it may be
most appropriate to upload 3.0.2 itself for squeeze.
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 2.5.1-11+lenny4
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive:
wordpress_2.5.1-11+lenny4.diff.gz
to main/w/wordpress/wordpress_2.5.1-11+lenny4.diff.gz
wordpress_2.5.1-11+lenny4.dsc
to main/w/wordpress/wordpress_2.5.1-11+lenny4.dsc
wordpress_2.5.1-11+lenny4_all.deb
to main/w/wordpress/wordpress_2.5.1-11+lenny4_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Giuseppe Iuculano <[email protected]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 09 Dec 2010 15:42:31 +0100
Source: wordpress
Binary: wordpress
Architecture: source all
Version: 2.5.1-11+lenny4
Distribution: stable-security
Urgency: high
Maintainer: Andrea De Iacovo <[email protected]>
Changed-By: Giuseppe Iuculano <[email protected]>
Description:
wordpress - weblog manager
Closes: 605603
Changes:
wordpress (2.5.1-11+lenny4) stable-security; urgency=high
.
* [6f61bff] Fix CVE-2010-4257: SQL injection vulnerability in the
do_trackbacks function (Closes: #605603)
Checksums-Sha1:
0109b030b9cb9fbeb5c6ad666ed130e19c1bb3ac 1052 wordpress_2.5.1-11+lenny4.dsc
78ba8002564c1862c05c64932375692e29baefba 703044
wordpress_2.5.1-11+lenny4.diff.gz
f1a82e416e693b064bbaad362d2853680233f4bb 1031548
wordpress_2.5.1-11+lenny4_all.deb
Checksums-Sha256:
1de3ffe14e93a88b30bd2c5b48fc26be548926fbb69b770723dffa3ec6b9d66b 1052
wordpress_2.5.1-11+lenny4.dsc
7b74480b2ab67b2add0d1d2ba1778f4ce94352059b574e19e5f8cd4c9716f1c9 703044
wordpress_2.5.1-11+lenny4.diff.gz
858bee7a2ad3bd2255158e8dd27b09c9385fd64188348d7c28df84beccecd002 1031548
wordpress_2.5.1-11+lenny4_all.deb
Files:
008896d98126d16abca0fac532b43907 1052 web optional
wordpress_2.5.1-11+lenny4.dsc
c8d3545fdef98ba0a1e8c3a6fa7488d0 703044 web optional
wordpress_2.5.1-11+lenny4.diff.gz
9255a3b87a72b423fe8201eb6cb8ef20 1031548 web optional
wordpress_2.5.1-11+lenny4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk0A7tIACgkQNxpp46476aoPqgCcCTtkSvxdc4UALmajiRRmmuX5
fEIAn0YBIanlgbMHlttm9rViSv9o+Jl7
=b56x
-----END PGP SIGNATURE-----
--- End Message ---