Hi Craig, I'm about to release the next Wheezy security update for Wordpress. I noticed that you didn't update the minified Javascript files for Jessie. I have simply used yui-compressor to convert the regular *.js files into the minified version because apparently *.js and *.min.js files are all installed into the wordpress package, so I can't rule out for sure that the minified version is not used in the end. Was this just an oversight or do you think the update of the minified version is not needed? I also saw the patch for CVE-2017-8295. It seems to me that upstream have not decided yet which path they want to go. The patch looks sane though. What's your opinion? Regards, Markus
Attachment:
signature.asc
Description: OpenPGP digital signature