Format: 1.8
Date: Wed, 17 May 2017 13:51:27 -0400
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen
Architecture: source
Version: 4.7.5+dfsg-0ubuntu0.17.04.1
Distribution: zesty-security
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Jeremy Bicha <jbicha@ubuntu.com>
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
 wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
 wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
 wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
Closes: 862816
Launchpad-Bugs-Fixed: 1691520
Changes:
 wordpress (4.7.5+dfsg-0ubuntu0.17.04.1) zesty-security; urgency=medium
 .
   * SECURITY UPDATE: New upstream release fixes 6 security issues
     CVE numbers are pending. Closes: #862816 (LP: #1691520)
     - CVE-2017-XXX
       Insufficient redirect validation in the HTTP class.
     - CVE-2017-XXX
       Improper handling of post meta data values in the XML-RPC API.
     - CVE-2017-XXX
       Lack of capability checks for post meta data in the XML-RPC API.
     - CVE-2017-XXX
       A Cross Site Request Forgery (CRSF) vulnerability was discovered
       in the filesystem credentials dialog.
     - CVE-2017-XXX
       A cross-site scripting (XSS) vulnerability was discovered when
       attempting to upload very large files.
     - CVE-2017-XXX
       A cross-site scripting (XSS) vulnerability was discovered related
       to the Customizer.
Checksums-Sha1:
 ed710c17378212d53981c5025f5c74f9eaffbe09 2664 wordpress_4.7.5+dfsg-0ubuntu0.17.04.1.dsc
 edf2c207b6c6c173d8958c0d9191e1e0d532e042 6240440 wordpress_4.7.5+dfsg.orig.tar.xz
 fd748896832d0312924a0d8288721b292bb42966 6994248 wordpress_4.7.5+dfsg-0ubuntu0.17.04.1.debian.tar.xz
Checksums-Sha256:
 8cd72a6297cbf29926f2cf1ef6137e8d256cd6c606702a40151311e7d79176e3 2664 wordpress_4.7.5+dfsg-0ubuntu0.17.04.1.dsc
 a21bc1f4042bbd77eb1ddef2cdcd3fb60f121835cf5d219a6e12a2d06a839b7f 6240440 wordpress_4.7.5+dfsg.orig.tar.xz
 858073bb1e5b54afe5d95c2f8713d01ab0ec6cc1377c1bb8559da58d59c1e44a 6994248 wordpress_4.7.5+dfsg-0ubuntu0.17.04.1.debian.tar.xz
Files:
 be957dd8a8afede040c05ce582961b2d 2664 web optional wordpress_4.7.5+dfsg-0ubuntu0.17.04.1.dsc
 acb0c5ca4df36e2eef3274d6adc4f8b8 6240440 web optional wordpress_4.7.5+dfsg.orig.tar.xz
 32b0bfda91d85f217e27f08b762a2992 6994248 web optional wordpress_4.7.5+dfsg-0ubuntu0.17.04.1.debian.tar.xz
Original-Maintainer: Craig Small <csmall@debian.org>