Re: Fwd: jessie backport for Wordpress
On Tue, Jul 28, 2015 at 07:01:04AM +1000, Craig Small wrote:
> On Mon, Jul 27, 2015 at 03:35:06PM +0200, Alexander Wirt wrote:
> > On Mon, 27 Jul 2015, Rodrigo Campos wrote:
> > > On Mon, Jul 27, 2015 at 11:12:46AM +0200, Alexander Wirt wrote:
> > > > JFTR, I expect CVE-2015-5623 and CVE-2015-5622  fixed before you upload the
> > > > package to bpo. Please don't upload packages with known security problems.
> I missed that, I think they were there in the old package so we are not
> introducing anything new.
> > Upload to unstable, wait for testing migration, pray for no new CVEs and then
> > upload to bpo.
> The unstable upload happened about 12 hours ago and I can see its in the
> packages page. So is it required to wait for the testing migration?
> Or could Rodrigo download sid's version have it ready to go and as soon
> as testing migration happens upload?
I think I can do that and upload to mentors, nobody "cares". Then, if exactly
that version makes it to testing, that package in mentors can be uploaded (if
Rhonda is fine with it too, I guess. Rhonda?)
I'll do that tomorrow (or when I see the package in the mirrors I use). If a new
version is needed for the testing migration or something, I can do it again, no
> Probably not relevant here but I'll be working on the jessie and
> possibly wheezy backports (if required) tonight.
Keep in mind, for the jessie backport, that there was a new release from
wordpress on the 4.1 branch: 4.1.6. So that release might be useful for getting
the patches :)
Thanks a lot,