[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Wordpress security update

Hi Craig,

I'm about to release the next Wheezy security update for Wordpress. I
noticed that you didn't update the minified Javascript files for Jessie.
I have simply used yui-compressor to convert the regular *.js files into
the minified version because apparently *.js and *.min.js files are all
installed into the wordpress package, so I can't rule out for sure that
the minified version is not used in the end. Was this just an oversight
or do you think the update of the minified version is not needed?

I also saw the patch for CVE-2017-8295. It seems to me that upstream
have not decided yet which path they want to go. The patch looks sane
though. What's your opinion?



Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: