Source: wordpress Version: 4.4 Severity: important Tags: security upstream Wordpress 4.4.1 is out with the following message[1]
WordPress 4.4.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be compromised. This was reported by Crtc4L. sid will be easy as its an upgrade to 4.4.1 I'm having trouble figuring out what changeset is the relevant one. Without that, I cannot pass the the one changeset out of the 40 or 50 down to the other dists. - Craig 1: https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/ -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.3.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) _______________________________________________ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team