On Thu, Jun 04, 2009 at 10:16:13AM +0200, Richard van den Berg wrote:
On Thu, June 4, 2009 09:08, Andrea De Iacovo wrote:
The fix should be something really simple like checking user preferences
before proceding to the upgrade. I hope to have a fix ready in the next
days.
I might be
First of all thank you for reporting the bugs.
I checked them out and I think all wordpress versions in Debian are
affected.
The fix should be something really simple like checking user preferences
before proceding to the upgrade. I hope to have a fix ready in the next
days.
Thank you again.
On Thu, June 4, 2009 09:08, Andrea De Iacovo wrote:
The fix should be something really simple like checking user preferences
before proceding to the upgrade. I hope to have a fix ready in the next
days.
I might be mistaken, but doesn't the upgrade.php assume that the wordpress
php files are
Package: wordpress
Severity: normal
Tags: security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities Exposures) ids were
published for wordpress.
CVE-2008-6767[0]:
| wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote
| attackers to
4 matches
Mail list logo