Re: Wheezy update of r-base?

Hi Dirk See below. On 13 March 2017 at 22:39, Dirk Eddelbuettel wrote: > > Hi Ola, > > On 13 March 2017 at 22:12, Ola Lundqvist wrote: > | Hi Dirk > | > | I had a quick look at this but I stumbled on the version of the package. > | Why 3.1.1-1+deb3.3.3u1 ? > | And not 3.1.1u1

Re: Wordpress security update

On Mar/14, Markus Koschany wrote: > > So my whole rationale for adding this one in and going against what > > WPScan said is purely 40176 is in the 4.1 branch of the upstreams > > svn. Looking at the relevant file it does look like it does things > > and not dead or unreachable code, so I think

Re: Wordpress security update

Am 14.03.2017 um 10:09 schrieb Craig Small: > Hi Markus, > I nearly missed this one. If you go to WPScan[1] which is a great > resource it says it is versions 4.7.0-4.7.2 only which implies that > jessie is not impacted. > > However, I also go look at the 4.1 changesets on the upstream[2] as

Re: Wordpress security update

Hi Markus, I nearly missed this one. If you go to WPScan[1] which is a great resource it says it is versions 4.7.0-4.7.2 only which implies that jessie is not impacted. However, I also go look at the 4.1 changesets on the upstream[2] as they have done all the hard work (mainly) of backporting

Wordpress security update

Hello Craig, hello security team I am currently working on a security update of Wordpress for Wheezy. Craig I noticed your Git commit for Jessie [1]. You fixed CVE-2017-6816 (cs40176_plugin_delete) although the security team marked this one as for both Wheezy and Jessie. However I tend to agree

Wheezy update of audiofile?

Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of audiofile: https://security-tracker.debian.org/tracker/source-package/audiofile Would you like to take care of this yourself? If yes, please follow the workflow