[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security update of Wordpress

On 31.07.2016 14:07, Craig Small wrote:
> I had a similar query from the security team. I think you are looking
> for changeset 37798.
> I got a security update but waiting on the team.
> I cannot see why 4.1.12 doesn't have this.
> https://core.trac.wordpress.org/changeset/37798
>  - Craig

Thank you for the confirmation. I also thought that changeset/37798
would be the most likely fix for this issue. I wasn't sure because you
marked CVE-2016-5836 as fixed in your Jessie update but I couldn't find
anything related to oEmbed.

I also tried to fix CVE-2015-8834 for Wheezy by backporting
changeset/32387 but the database upgrade failed, at least I could not
log back into the admin backend again. Did you notice a similar issue
for Jessie?



Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: