[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: squeeze update of wordpress?

Hi Craig,
On Fri, Aug 14, 2015 at 06:28:55PM +1000, Craig Small wrote:
> On Wed, Aug 12, 2015 at 03:00:32PM +0200, Guido Günther wrote:
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Squeeze version of wordpress:
> > https://security-tracker.debian.org/tracker/CVE-2015-5622
> Why just that one? Wouldn't it be better to try to fix all of the
> outstanding CVEs?

Yeah, we were just discussing on the list if it wouldn't be better to
update wordpress to a more recent version in Squeeze to get a hold of
all the CVEs currently affecting wordpress?

> > Would you like to take care of this yourself? We are still understaffed so
> > any help is always highly appreciated.
> I'll give it a go I got to fix jessie with CVE-2015-5730 first.

Are you planning to introduce a new upstream version or to backport the
fixes? Squeeze is currently in sync with Wheezy, we could try to keep it
like that. Do you have plans for Wheezy yet?

 -- Guido

>  - Craig
> -- 
> Craig Small (@smallsees)   http://enc.com.au/       csmall at : enc.com.au
> Debian GNU/Linux           http://www.debian.org/   csmall at : debian.org
> GPG fingerprint:        5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Reply to: