[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: squeeze update of wordpress?

Hi Craig,
On Fri, Aug 14, 2015 at 06:28:55PM +1000, Craig Small wrote:
> On Wed, Aug 12, 2015 at 03:00:32PM +0200, Guido Günther wrote:
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Squeeze version of wordpress:
> > https://security-tracker.debian.org/tracker/CVE-2015-5622
> Why just that one? Wouldn't it be better to try to fix all of the
> outstanding CVEs?

Yeah, we were just discussing on the list if it wouldn't be better to
update wordpress to a more recent version in Squeeze to get a hold of
all the CVEs currently affecting wordpress?

> > Would you like to take care of this yourself? We are still understaffed so
> > any help is always highly appreciated.
> I'll give it a go I got to fix jessie with CVE-2015-5730 first.

Are you planning to introduce a new upstream version or to backport the
fixes? Squeeze is currently in sync with Wheezy, we could try to keep it
like that. Do you have plans for Wheezy yet?

Cheers,
 -- Guido


> 
>  - Craig
> -- 
> Craig Small (@smallsees)   http://enc.com.au/       csmall at : enc.com.au
> Debian GNU/Linux           http://www.debian.org/   csmall at : debian.org
> GPG fingerprint:        5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5
>
Reply to: