Hi Dirk
See below.
On 13 March 2017 at 22:39, Dirk Eddelbuettel wrote:
>
> Hi Ola,
>
> On 13 March 2017 at 22:12, Ola Lundqvist wrote:
> | Hi Dirk
> |
> | I had a quick look at this but I stumbled on the version of the package.
> | Why 3.1.1-1+deb3.3.3u1 ?
> | And not 3.1.1u1
On Mar/14, Markus Koschany wrote:
> > So my whole rationale for adding this one in and going against what
> > WPScan said is purely 40176 is in the 4.1 branch of the upstreams
> > svn. Looking at the relevant file it does look like it does things
> > and not dead or unreachable code, so I think
Am 14.03.2017 um 10:09 schrieb Craig Small:
> Hi Markus,
> I nearly missed this one. If you go to WPScan[1] which is a great
> resource it says it is versions 4.7.0-4.7.2 only which implies that
> jessie is not impacted.
>
> However, I also go look at the 4.1 changesets on the upstream[2] as
Hi Markus,
I nearly missed this one. If you go to WPScan[1] which is a great
resource it says it is versions 4.7.0-4.7.2 only which implies that jessie
is not impacted.
However, I also go look at the 4.1 changesets on the upstream[2] as they
have done all the hard work (mainly) of backporting
Hello Craig, hello security team
I am currently working on a security update of Wordpress for Wheezy.
Craig I noticed your Git commit for Jessie [1]. You fixed CVE-2017-6816
(cs40176_plugin_delete) although the security team marked this one as
for both Wheezy and Jessie. However I tend to agree
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of audiofile:
https://security-tracker.debian.org/tracker/source-package/audiofile
Would you like to take care of this yourself?
If yes, please follow the workflow