Bug#902876: wordpress: CVE-2018-12895

2018-07-09 Thread Rodrigo Campos
On Mon, Jul 09, 2018 at 10:04:56PM +1000, Craig Small wrote:
> I have sent the debdiff for stretch to the security team. Once they are
> happy about it, stretch will get that update.

Great, thanks a lot! :-)

Bug#902876: wordpress: CVE-2018-12895

2018-07-09 Thread Craig Small
I have sent the debdiff for stretch to the security team. Once they are happy about it, stretch will get that update.

 - Craig

On Sun, 8 Jul 2018 at 01:37 Rodrigo Campos wrote:
> On Sat, Jul 07, 2018 at 10:35:44PM +1000, Craig Small wrote:
> > Looks like they made a release, 4.9.7 with the f

Bug#902876: wordpress: CVE-2018-12895

2018-07-07 Thread Rodrigo Campos
On Sat, Jul 07, 2018 at 10:35:44PM +1000, Craig Small wrote:
> Looks like they made a release, 4.9.7 with the fix. Uploading soon.
>
> The relevant patch (for backports) is
> https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd

I can only backport from packages i

Bug#902876: wordpress: CVE-2018-12895

2018-07-07 Thread Craig Small
Looks like they made a release, 4.9.7 with the fix. Uploading soon.

The relevant patch (for backports) is
https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd

On Tue, 3 Jul 2018 at 12:34 Craig Small wrote:
>
> Hi,
> I was waiting for a WordPress update but f

Bug#902876: wordpress: CVE-2018-12895

2018-07-02 Thread Craig Small
Hi,

I was waiting for a WordPress update but for whatever reason it's not coming.

The impact is less for Debian packages as most of the files are not writable by the www-data user. A standard installation has to be writable for the automatic updates. However plugin and themes are generally writ

Bug#902876: wordpress: CVE-2018-12895

2018-07-02 Thread Salvatore Bonaccorso
Source: wordpress
Version: 4.9.5+dfsg1-1
Severity: important
Tags: security upstream

Hi,

The following vulnerability was published for wordpress.

CVE-2018-12895[0]:
| WordPress through 4.9.6 allows Author users to execute arbitrary code
| by leveraging directory traversal in the wp-admin/post.ph