Hi Craig, I have prepared a security update for Wordpress in Wheezy and pushed my work to https://anonscm.debian.org/cgit/collab-maint/wordpress.git/commit/?h=wheezy&id=d1f7bfa1d5109509bb4ab7ab23d0e7e7dc8736cc I intend to release it soon but I haven't found the changeset / fix for CVE-2016-5836 yet. Do you have any idea where can I find more information about that? Your update for Jessie doesn't seem to include it. I looked at the diff between 4.5.2 and 4.5.3 and could find some changes regarding oEmbed but I would appreciate another confirmation. Regards, Markus
Attachment:
signature.asc
Description: OpenPGP digital signature