Hi all, I don't want to push, but how about upgrading wordpress in backports? Is there any problem with (me) just uploading the latest version in stretch? Paul On 01-06-17 07:31, Sebastien Delafond wrote: > ------------------------------------------------------------------------- > Debian Security Advisory DSA-3870-1 security@debian.org > https://www.debian.org/security/ Sebastien Delafond > June 01, 2017 https://www.debian.org/security/faq > ------------------------------------------------------------------------- > > Package : wordpress > CVE ID : CVE-2017-8295 CVE-2017-9061 CVE-2017-9062 CVE-2017-9063 > CVE-2017-9064 CVE-2017-9065 > Debian Bug : 862053 862816 > > Several vulnerabilities were discovered in wordpress, a web blogging > tool. They would allow remote attackers to force password resets, and > perform various cross-site scripting and cross-site request forgery > attacks. > > For the stable distribution (jessie), these problems have been fixed in > version 4.1+dfsg-1+deb8u13. > > For the upcoming stable (stretch) and unstable (sid) distributions, > these problems have been fixed in version 4.7.5+dfsg-1. > > We recommend that you upgrade your wordpress packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: https://www.debian.org/security/ > > Mailing list: debian-security-announce@lists.debian.org >
Attachment:
signature.asc
Description: OpenPGP digital signature