Bug#837090: marked as pending

Craig Small Fri, 09 Sep 2016 15:09:30 -0700

tag 837090 pending
thanks

Hello,


Bug #837090 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    http://git.debian.org/?p=collab-maint/wordpress.git;a=commitdiff;h=8f8575b

---
commit 8f8575b8132884811063c7fefbd7aaf0825a7e71
Author: Craig Small <csm...@debian.org>
Date:   Sat Sep 10 07:53:57 2016 +1000

    backport changeset 38538
    
    sanitize the title from the uploaded filename.
    Fixes CVE-2016-6896
    
    References:
     https://core.trac.wordpress.org/changeset/38538

diff --git a/debian/changelog b/debian/changelog
index fcadd38..eeb8780 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+wordpress (4.1+dfsg-1+deb8u10) UNRELEASED; urgency=high
+
+  * Backport patches from 4.6.1/4.1.13 Closes: #837090
+  * CVE-2016-6897 not vulnerable
+  * Changeset 38538 santize filename CVE-2016-6896
+
+ -- Craig Small <csm...@debian.org>  Sat, 10 Sep 2016 07:46:59 +1000
+
 wordpress (4.1+dfsg-1+deb8u9) jessie-security; urgency=high
 
   * Backport patches from 4.5.3/4.1.12 Closes: #828225

Bug#837090: marked as pending

Reply via email to