Hi, The upstream release was on Nov 20, it's been almost 2 weeks and the bug seem kind of serious. Any chance to do a quick fix and then continue to discuss changing wordpress version in stable ? Or any ETA on when the fixes will come to stable ?
I've manually applied the workaround suggested here[1], although it doesn't seem ideal. But seems to fix the attacks reported here[2] and here[3] at least. Thanks a lot, Rodrigo [1]: http://klikki.fi/adv/wordpress.html [2]: http://klikki.fi/unquote/ [3]: http://klikki.fi/adv/wordpress_update.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org