Your message dated Mon, 08 Jan 2007 09:02:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#405691: fixed in wordpress 2.0.6-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: wordpress
Version: 2.0.5-0.1
Severity: normal
Tags: security
The latest version of wordpress (2.0.6) fixes several security issues,
including the recently announced XSS[1] and SQL Injection[2]
vulnerabilities.
Thanks!
[1] http://www.hardened-php.net/advisory_012007.140.html
[2] http://www.hardened-php.net/advisory_022007.141.html
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages wordpress depends on:
ii apache [httpd] 1.3.34-4 versatile, high-performance HTTP s
ii apache2-mpm-prefork [httpd] 2.2.3-3.2 Traditional model for Apache HTTPD
ii mysql-client-4.1 [virtual-mys 4.1.15-1 mysql database client binaries
ii php5 5.2.0-8 server-side, HTML-embedded scripti
ii php5-mysql 5.2.0-8 MySQL module for php5
wordpress recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 2.0.6-1
We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive:
wordpress_2.0.6-1.diff.gz
to pool/main/w/wordpress/wordpress_2.0.6-1.diff.gz
wordpress_2.0.6-1.dsc
to pool/main/w/wordpress/wordpress_2.0.6-1.dsc
wordpress_2.0.6-1_all.deb
to pool/main/w/wordpress/wordpress_2.0.6-1_all.deb
wordpress_2.0.6.orig.tar.gz
to pool/main/w/wordpress/wordpress_2.0.6.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Kai Hendry <[EMAIL PROTECTED]> (supplier of updated wordpress package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 5 Jan 2007 14:04:56 +0000
Source: wordpress
Binary: wordpress
Architecture: source all
Version: 2.0.6-1
Distribution: unstable
Urgency: high
Maintainer: Kai Hendry <[EMAIL PROTECTED]>
Changed-By: Kai Hendry <[EMAIL PROTECTED]>
Description:
wordpress - an award winning weblog manager
Closes: 405299 405691
Changes:
wordpress (2.0.6-1) unstable; urgency=high
.
* New upstream release
* Security fix, urgency high.
* FrSIRT/ADV-2006-5191, CVE-2006-6808: WordPress "get_file_description()"
Function Client-Side Cross Site Scripting Vulnerability.
(Closes: #405299, #405691)
Files:
46850a512b12d5aa7209837945b2e597 558 web optional wordpress_2.0.6-1.dsc
ebe00cee610065bc576bb38db18c792c 518012 web optional
wordpress_2.0.6.orig.tar.gz
577384ff03e82a9941c8145040df4fe7 8076 web optional wordpress_2.0.6-1.diff.gz
bbc3e04ae707f2ec4e4e5fdc2719e5e0 519880 web optional wordpress_2.0.6-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFogUqK/juK3+WFWQRAhziAJ4qNGMwcqI9wbSKpSxiVIfpFR/QsgCfeENA
eXw2wfz+CjWaO3qSyfzaUIM=
=mmaR
-----END PGP SIGNATURE-----
--- End Message ---
