Package: wordpress Version: 5.2.4 Severity: critical Dear Maintainer,
* What led up to the situation? Wordpress 5.3 was released on November 12, 2019 with the latest maintenance/security release on December 18, 2019. Since then theDebian wordpress package has not been updated from 5.2.4 leaving instances at unnecessary and avoidable risk.
Please consider updating Debian wordpress packages to upstream versions.To reduce exposure of wordpress instances deploying Debian wordpress packages I am offering updated and packaged versions of the Debian wordpress packages (tested OK) for sponsored [2] NMU [1]. I intend on contributing updates on a regular basis.
Severity "critical" is chosen for this issue being security-related on a large scale putting many users' systems and data at risk.@Craig In addition to our past PMs, I'm merely formally reporting this critical bug for public reference on 3rd party advise.
-- 1: https://mentors.debian.net/package/wordpress 2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D947143
signature.asc
Description: PGP signature