Re: [SECURITY] [DSA 2670-1] wordpress security update
Hi,
On Tue, 06 Nov 2012, Dominic Hargreaves wrote:
> On Fri, May 11, 2012 at 10:41:14PM +0200, Yves-Alexis Perez wrote:
> > Several vulnerabilities were identified in Wordpress, a web blogging
> > tool. As the CVEs were allocated from releases announcements and
> > specific fixes are usually not identified, it has been decided to
> > upgrade the Wordpress package to the latest upstream version instead
> > of backporting the patches.
>
> > For the stable distribution (squeeze), those problems have been fixed in
> > version 3.3.2+dfsg-1~squeeze1.
>
> Hi all,
>
> Thanks for doing this! Do we have any idea whether the issues alluded to
> in
>
> http://wordpress.org/news/2012/06/wordpress-3-4-1/
> and
> http://wordpress.org/news/2012/09/wordpress-3-4-2/
>
> apply to 3.3 too?
I don't know, I did not investigate.
> Are there any plans to further upgrade squeeze in this manner?
I leave this to Yves-Alexis... It would be nice to formalize this
approach with the security team.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Get the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/
Reply to: