Re: squeeze update of wordpress?
On Fri, Aug 14, 2015 at 06:28:55PM +1000, Craig Small wrote:
> On Wed, Aug 12, 2015 at 03:00:32PM +0200, Guido Günther wrote:
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Squeeze version of wordpress:
> > https://security-tracker.debian.org/tracker/CVE-2015-5622
> Why just that one? Wouldn't it be better to try to fix all of the
> outstanding CVEs?
Yeah, we were just discussing on the list if it wouldn't be better to
update wordpress to a more recent version in Squeeze to get a hold of
all the CVEs currently affecting wordpress?
> > Would you like to take care of this yourself? We are still understaffed so
> > any help is always highly appreciated.
> I'll give it a go I got to fix jessie with CVE-2015-5730 first.
Are you planning to introduce a new upstream version or to backport the
fixes? Squeeze is currently in sync with Wheezy, we could try to keep it
like that. Do you have plans for Wheezy yet?
> - Craig
> Craig Small (@smallsees) http://enc.com.au/ csmall at : enc.com.au
> Debian GNU/Linux http://www.debian.org/ csmall at : debian.org
> GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5