Bug#413269: Wordpress in etch

2007-03-07 Thread Steve Langasek
On Tue, Mar 06, 2007 at 11:46:29PM +0100, Moritz Muehlenhoff wrote:
> Steve Langasek wrote:
> > Security Team,
> > On Mon, Mar 05, 2007 at 10:27:00PM +, Kai Hendry wrote:
> > > As micah suggests I will offer a "firm commitment to actually making
> > > the security updated packages when the hol

Bug#413269: Wordpress in etch

2007-03-07 Thread Thijs Kinkhorst
Hi, I'd like to add a bit of information here. Recently, Wordpress 2.1.1 has been compromised and an exploit added to the code. http://wordpress.org/development/2007/03/upgrade-212/ This can happen. However, upstream solves this by advising everyone to "just upgrade to 2.1.2". Otherwise it stays

Bug#413269: Wordpress in etch

2007-03-07 Thread Kai Hendry
Users, DDs and I don't agree with Moritz's decision here. Hence I've reassigned the bug to the Debian Technical Committee for hopefully a quick ruling. I tried to resolve the problem again last night, you can read the IRC log below. Moritz believes that Wordpress shouldn't be in etch as it is too

Bug#413269: Wordpress in etch

2007-03-06 Thread Moritz Muehlenhoff
Steve Langasek wrote:
> Security Team,
>
> On Mon, Mar 05, 2007 at 10:27:00PM +, Kai Hendry wrote:
> > As micah suggests I will offer a "firm commitment to actually making
> > the security updated packages when the hole comes out, and even drafting
> > the DSA and delivering it to the security

Bug#413269: Wordpress in etch

2007-03-05 Thread Steve Langasek
Security Team,

On Mon, Mar 05, 2007 at 10:27:00PM +, Kai Hendry wrote:
> As micah suggests I will offer a "firm commitment to actually making
> the security updated packages when the hole comes out, and even drafting
> the DSA and delivering it to the security team on a silver platter) and
> i

Bug#413269: Wordpress in etch

2007-03-05 Thread Kai Hendry
As micah suggests I will offer a "firm commitment to actually making the security updated packages when the hole comes out, and even drafting the DSA and delivering it to the security team on a silver platter) and if it becomes untenable I will support the removal" Below is the last email from ups

Bug#413269: Wordpress in etch

2007-03-05 Thread Kai Hendry
I just confirmed *again* that upstream is committed to supporting Wordpress 2.0.x until 2010. So where is the burden to the security team? Packages in stable with committed upstream security support are probably the exception more than the rule. So one would think, like I do, that Wordpress is in