On Fri, Aug 14, 2009 at 5:16 PM, Michael S Gilbert<[email protected]> wrote: >>> Because in DSA-1285-1 the security team uploaded a new upstream security >>> release, 2.0.10-1, and that issue was fixed in 2.1.3 and 2.0.10 (legacy >>> version). >> >> ok, i can't find that claimed in the 2.0.10 etch package nor in any of >> the upstream announcements, and there are no code references from mitre >> to check against. perhaps i have missed something or you have verified >> against the proof-of-concept? > > perhaps this is the commit you've checked against [0]? that seems to > be for 2007-1622. > > [0] http://core.trac.wordpress.org/ticket/4092
maybe the two are the same since the descriptions sound very similar, but if that's the case, wouldn't one get REJECTED? mike _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
