Hi, On Tue, 06 Nov 2012, Dominic Hargreaves wrote: > On Fri, May 11, 2012 at 10:41:14PM +0200, Yves-Alexis Perez wrote: > > Several vulnerabilities were identified in Wordpress, a web blogging > > tool. As the CVEs were allocated from releases announcements and > > specific fixes are usually not identified, it has been decided to > > upgrade the Wordpress package to the latest upstream version instead > > of backporting the patches. > > > For the stable distribution (squeeze), those problems have been fixed in > > version 3.3.2+dfsg-1~squeeze1. > > Hi all, > > Thanks for doing this! Do we have any idea whether the issues alluded to > in > > http://wordpress.org/news/2012/06/wordpress-3-4-1/ > and > http://wordpress.org/news/2012/09/wordpress-3-4-2/ > > apply to 3.3 too?
I don't know, I did not investigate. > Are there any plans to further upgrade squeeze in this manner? I leave this to Yves-Alexis... It would be nice to formalize this approach with the security team. Cheers, -- Raphaël Hertzog ◈ Debian Developer Get the Debian Administrator's Handbook: → http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121107083306.gb9...@x230-buxy.home.ouaza.com
