Linux repositories inspector

wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files

WordPress is a full featured web blogging tool:
  • Instant publishing (no rebuilding)
  • Comment pingback support with spam protection
  • Non-crufty URLs
  • Themable
  • Plugin support
This package contains WordPress twentysixteen theme files NOTE: This theme requires access to public CDNs for use of some font or CSS files.
Original maintainer
Homepagehttps://wordpress.org
5.0.2
Debian iconDebian 10.0
Ubuntu iconUbuntu 19.04
4.9.8
Ubuntu iconUbuntu 18.10
4.9.5
Ubuntu iconUbuntu 18.04 LTS
4.8.2
Ubuntu iconUbuntu 17.10
4.7.5
Debian iconDebian 9.0
4.4.2
Ubuntu iconUbuntu 16.04 LTS
DistributionVersionSincePackageInstalledPackager
Debian iconDebian 10.0 buster/maindeb5.0.2+dfsg1-112.01.2019579 kiB923 kiB
Debian iconDebian 9.0 stretch/maindeb4.7.5+dfsg-2+deb9u412.01.2019576 kiB896 kiB
Ubuntu iconUbuntu 17.10 artful/universedeb4.8.2+dfsg-210.11.2017561 kiB895 kiB
Ubuntu iconUbuntu 18.04 LTS bionic/universedeb4.9.5+dfsg1-119.06.2018561 kiB897 kiB
Ubuntu iconUbuntu 18.10 cosmic/universedeb4.9.8+dfsg1-114.01.2019561 kiB898 kiB
Ubuntu iconUbuntu 19.04 disco/universedeb5.0.2+dfsg1-114.01.2019563 kiB923 kiB
Ubuntu iconUbuntu 16.04 LTS xenial/universedeb4.4.2+dfsg-1ubuntu110.11.2017561 kiB897 kiB

Latest updates

Ubuntu 19.04 icon

Ubuntu 19.04 disco/universe: Version 5.0.2+dfsg1-1 introduced

14.01.2019 13:12
  • New upstream release
Ubuntu 18.10 icon

Ubuntu 18.10 cosmic/universe: Version 4.9.8+dfsg1-1 introduced

14.01.2019 03:15
  • New upstream source
    Verify plugin uploads CVE-2018-14028 Closes: #906565
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 4.9.4+dfsg-1 to 5.0.2+dfsg1-1

12.01.2019 14:14
  • New upstream release
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.7.5+dfsg-2+deb9u3 removed

12.01.2019 13:52
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.7.5+dfsg-2+deb9u2 to 4.7.5+dfsg-2+deb9u4

12.01.2019 13:50
  • Backport security patch from 4.9.7 Closes: #902876
    • CVE-2018-12895 Fix directory traversal in thumb parameter
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.7.5+dfsg-2+deb9u3 introduced

19.06.2018 07:50
Ubuntu 18.04 LTS icon

Ubuntu 18.04 LTS bionic/universe: Updated from 4.9.4+dfsg-1 to 4.9.5+dfsg1-1

19.06.2018 07:49
  • New upstream source, fixes 3 Security issues Closes: #895034
    • CVE-2018-TBA
      Don't treat localhost as same host by default.
    • CVE-2018-TBA
      Use safe redirects when redirecting login page if SSL is forced
    • CVE-2018-TBA
      Make sure version string is correctly escaped for use in generator tags
  • Update to standards version 4.1.4
  • Remove get-orig-source in rules and use uscan
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.7.5+dfsg-2+deb9u2 removed

14.03.2018 02:47
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.7.5+dfsg-2+deb9u1 to 4.7.5+dfsg-2+deb9u2

14.03.2018 02:46
  • Backport security patches from 4.9.1 Closes: #883314
    • CVE-2017-17091
      Use a properly generated hash for the newbloguser key instead of a determinate substring.
      Changeset 42272
    • CVE-2017-17092
      Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability
      Changeset 42275
    • CVE-2017-17093
      Add escaping to the language attributes used on html elements Changeset 42273
    • CVE-2017-17094
      Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds
      Changeset 42274
  • Also backport patch for $wpdb->prepare CVE-2017-16510 Closes: 880528
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 4.9.2+dfsg-1 to 4.9.4+dfsg-1

26.02.2018 04:25
  • New upstream release
  • Removed remove_jshint patch as upstream has found a different hinter
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.7.5+dfsg-2+deb9u2 introduced

26.02.2018 04:22
  • Backport security patches from 4.9.1 Closes: #883314
    • CVE-2017-17091
      Use a properly generated hash for the newbloguser key instead of a determinate substring.
      Changeset 42272
    • CVE-2017-17092
      Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability
      Changeset 42275
    • CVE-2017-17093
      Add escaping to the language attributes used on html elements Changeset 42273
    • CVE-2017-17094
      Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds
      Changeset 42274
  • Also backport patch for $wpdb->prepare CVE-2017-16510 Closes: 880528
Ubuntu 18.04 LTS icon

Ubuntu 18.04 LTS bionic/universe: Updated from 4.9.2+dfsg-1 to 4.9.4+dfsg-1

26.02.2018 04:21
  • New upstream release
  • Removed remove_jshint patch as upstream has found a different hinter
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 4.9.1+dfsg-1 to 4.9.2+dfsg-1

23.01.2018 04:07
  • New upstream security release Closes: #887596
    and resolves CVE-2018-5776
  • Update standards version to 4.1.3 - no change
Ubuntu 18.04 LTS icon

Ubuntu 18.04 LTS bionic/universe: Updated from 4.9.1+dfsg-1 to 4.9.2+dfsg-1

23.01.2018 04:04
  • New upstream security release Closes: #887596
    and resolves CVE-2018-5776
  • Update standards version to 4.1.3 - no change
Debian 10.0 icon

Debian 10.0 buster/main: Updated from 4.8.3+dfsg-1 to 4.9.1+dfsg-1

10.12.2017 22:37
  • New upstream release
  • Release 4.9 was never packaged due to licensing problems
  • This release fixes 6 security issues Closes: #883314
    • CVE-2017-17091
      Use a properly generated hash for the newbloguser key instead of a determinate substring.
    • CVE-2017-17092
      Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability
    • CVE-2017-17093
      Add escaping to the language attributes used on html elements
    • CVE-2017-17094
      Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds
  • Updated to standards 4.1.1
  • New linting for Javascript is disabled due to jshint.js licensing issues
Ubuntu 18.04 LTS icon

Ubuntu 18.04 LTS bionic/universe: Updated from 4.8.3+dfsg-1 to 4.9.1+dfsg-1

09.12.2017 13:12
  • New upstream release
  • Release 4.9 was never packaged due to licensing problems
  • This release fixes 6 security issues Closes: #883314
    • CVE-2017-17091
      Use a properly generated hash for the newbloguser key instead of a determinate substring.
    • CVE-2017-17092
      Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability
    • CVE-2017-17093
      Add escaping to the language attributes used on html elements
    • CVE-2017-17094
      Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds
  • Updated to standards 4.1.1
  • New linting for Javascript is disabled due to jshint.js licensing issues
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.7.5+dfsg-2+deb9u1 removed

09.12.2017 06:35
Debian 9.0 icon

Debian 9.0 stretch/main: Updated from 4.7.5+dfsg-2 to 4.7.5+dfsg-2+deb9u1

09.12.2017 05:58
  • Backport patches from 4.8.2 Closes: #876274
    • CVE-2017-14723
      $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi)
      Changeset 41472, 41498
    • CVE-2017-14724
      Cross-site scripting (XSS) vulnerability in the oEmbed discovery Changeset 41451
    • CVE-2017-14726
      Cross-site scripting (XSS) vulnerability in the visual editor Changeset 41436
    • CVE-2017-14719
      Path traversal vulnerability in the file unzipping code Changeset 41459
    • CVE-2017-14721
      Cross-site scripting (XSS) vulnerability in the plugin editor Changeset 41413
    • CVE-2017-14725
      Open redirect in the user and term edit screens Changeset 41418
    • CVE-2017-14722
      Path traversal vulnerability in the customizer Changeset 41430
    • CVE-2017-14720
      Cross-site scripting (XSS) vulnerability in template names Changeset 41413 (same as plugin editor)
    • CVE-2017-14718
      Cross-site scripting (XSS) vulnerability in the link modal
  • Hash user activation key Closes: #877629
    Fixes CVE-2017-14990
Debian 10.0 icon

Debian 10.0 buster/main: Version 4.8.3+dfsg-1 introduced

10.11.2017 09:50
  • New upstream security release Closes: #880528
Debian 9.0 icon

Debian 9.0 stretch-proposed-updates/main: Version 4.7.5+dfsg-2+deb9u1 introduced

10.11.2017 09:40
  • Backport patches from 4.8.2 Closes: #876274
    • CVE-2017-14723
      $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi)
      Changeset 41472, 41498
    • CVE-2017-14724
      Cross-site scripting (XSS) vulnerability in the oEmbed discovery Changeset 41451
    • CVE-2017-14726
      Cross-site scripting (XSS) vulnerability in the visual editor Changeset 41436
    • CVE-2017-14719
      Path traversal vulnerability in the file unzipping code Changeset 41459
    • CVE-2017-14721
      Cross-site scripting (XSS) vulnerability in the plugin editor Changeset 41413
    • CVE-2017-14725
      Open redirect in the user and term edit screens Changeset 41418
    • CVE-2017-14722
      Path traversal vulnerability in the customizer Changeset 41430
    • CVE-2017-14720
      Cross-site scripting (XSS) vulnerability in template names Changeset 41413 (same as plugin editor)
    • CVE-2017-14718
      Cross-site scripting (XSS) vulnerability in the link modal
  • Hash user activation key Closes: #877629
    Fixes CVE-2017-14990
⇧ Top