Hi Craig,
I have prepared a security update for Wordpress in Wheezy and pushed my
work to
https://anonscm.debian.org/cgit/collab-maint/wordpress.git/commit/?h=wheezy&id=d1f7bfa1d5109509bb4ab7ab23d0e7e7dc8736cc
I intend to release it soon but I haven't found the changeset / fix for
CVE-2016-5836 yet. Do you have any idea where can I find more
information about that? Your update for Jessie doesn't seem to include
it. I looked at the diff between 4.5.2 and 4.5.3 and could find some
changes regarding oEmbed but I would appreciate another confirmation.
Regards,
Markus