Re: [SECURITY] [DSA 2670-1] wordpress security update
On Tue, 06 Nov 2012, Dominic Hargreaves wrote:
> On Fri, May 11, 2012 at 10:41:14PM +0200, Yves-Alexis Perez wrote:
> > Several vulnerabilities were identified in Wordpress, a web blogging
> > tool. As the CVEs were allocated from releases announcements and
> > specific fixes are usually not identified, it has been decided to
> > upgrade the Wordpress package to the latest upstream version instead
> > of backporting the patches.
> > For the stable distribution (squeeze), those problems have been fixed in
> > version 3.3.2+dfsg-1~squeeze1.
> Hi all,
> Thanks for doing this! Do we have any idea whether the issues alluded to
> apply to 3.3 too?
I don't know, I did not investigate.
> Are there any plans to further upgrade squeeze in this manner?
I leave this to Yves-Alexis... It would be nice to formalize this
approach with the security team.
Raphaël Hertzog ◈ Debian Developer
Get the Debian Administrator's Handbook: