Ubuntu
wordpress package

FFe: Sync wordpress 3.6+dfsg-1 (universe) from Debian unstable (main)

Bug #1221030 reported by Jeremy Bícha
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
wordpress (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Please sync wordpress 3.6+dfsg-1 (universe) from Debian unstable (main)

Explanation of FeatureFreeze exception:
WordPress doesn't really backport bug fixes or security fixes to
old releases so you are forced to upgrade to new release (like with
Google Chrome).

This particular update doesn't appear to be a security update
but I wouldn't be surprised if a future 3.6.1 is one.

Except for test-building the package I haven't done any other testing.

Changelog entries since current saucy version 3.5.2+dfsg-1:

wordpress (3.6+dfsg-1) unstable; urgency=low

  * New upstream release.
  * Improve wp-settings to verify that $_SERVER['HTTP_X_FORWARDED_PROTO']
    exists before accessing it (avoids a PHP notice).
    Thanks to Paul Dreik <email address hidden> for the report and the patch.
  * Document in README.Debian the need to login to /wp-admin/ to complete
    an upgrade.
  * Drop useless debian/README.source
  * Drop 008CVE2008-2392.patch since upstream now disables unfiltered
    uploads by default. See http://core.trac.wordpress.org/ticket/10692
  * Drop 009CVE2008-6767.patch since the backto parameter is validated
    against a whitelist, and externally triggered upgrades are not a
    security problem as long as they work.
  * Update debian/missing-sources with latest versions.
  * Update upstream l10n.

 -- Raphaël Hertzog <email address hidden> Wed, 04 Sep 2013 23:18:58 +0200

Revision history for this message
Jeremy Bícha (jbicha) wrote :
Changed in wordpress (Ubuntu):
importance: Undecided → Wishlist
Revision history for this message
Scott Kitterman (kitterman) wrote :

Ack. Approved. This is one of those packages we definitely want the latest on.

Changed in wordpress (Ubuntu):
status: New → Triaged
Revision history for this message
Jeremy Bícha (jbicha) wrote :

This bug was fixed in the package wordpress - 3.6+dfsg-1

---------------
wordpress (3.6+dfsg-1) unstable; urgency=low

  * New upstream release.
  * Improve wp-settings to verify that $_SERVER['HTTP_X_FORWARDED_PROTO']
    exists before accessing it (avoids a PHP notice).
    Thanks to Paul Dreik <email address hidden> for the report and the patch.
  * Document in README.Debian the need to login to /wp-admin/ to complete
    an upgrade.
  * Drop useless debian/README.source
  * Drop 008CVE2008-2392.patch since upstream now disables unfiltered
    uploads by default. See http://core.trac.wordpress.org/ticket/10692
  * Drop 009CVE2008-6767.patch since the backto parameter is validated
    against a whitelist, and externally triggered upgrades are not a
    security problem as long as they work.
  * Update debian/missing-sources with latest versions.
  * Update upstream l10n.

 -- Raphaël Hertzog <email address hidden> Wed, 04 Sep 2013 23:18:58 +0200

Changed in wordpress (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.