[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Wordpress security update

Hello Craig, hello security team

I am currently working on a security update of Wordpress for Wheezy.
Craig I noticed your Git commit for Jessie [1]. You fixed CVE-2017-6816
(cs40176_plugin_delete) although the security team marked this one as
<not-affected> for both Wheezy and Jessie. However I tend to agree with
you that they are affected.

@security team: Why did you choose to mark CVE-2017-6816 as not affected?

@Craig: How did you get the information about affected versions in your
initial bug report which might explain this decision? [2]




[2] https://bugs.debian.org/857026

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: