[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: squeeze update of wordpress?



On 08/12/2015 03:00 PM, Guido Günther wrote:
Hello dear maintainers,

the Debian LTS team would like to fix the security issues which are
currently open in the Squeeze version of wordpress:
https://security-tracker.debian.org/tracker/CVE-2015-5622

Just as a bit of information regarding this package:

There should be plenty of other security issues in the Squeeze version, and not easily maintainable, since security support for 3.6 was abandoned by WordPress in October 2013:

https://security-tracker.debian.org/tracker/source-package/wordpress

There has also been a somewhat lengthy discussion about WP in the backports mailing list, from this message and onwards:

https://lists.debian.org/debian-backports/2015/06/msg00005.html

I suspect that Craig will suggest tracking the version in Wheezy for simplicity's sake, as the internal changes since 3.6 may be too much to easily backport security updates for.
--
Cheers,
Jan


Reply to: