Ubuntu
wordpress package

  1. Bug #301340
  2. Comment #2

Comment 2 for bug 301340

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package wordpress - 2.5.1-10ubuntu1

---------------
wordpress (2.5.1-10ubuntu1) jaunty; urgency=low

  * Merge from debian unstable, remaining changes: (LP: #301340)
   + debian/apache.conf:
    - Changed to use /var/www instead of /srv/www for virtual webroot.
   + debian/setup-mysql:
    - Changed to use /var/www instead of /srv/www.
  * debian/patches/010_remove_update_notice.patch:
    - Reworked original patch to remove Wordpress upgrade notify
      in admin dashboard (Rolf Leggewie) (LP: #227547)
  * Include patch for CVE2008-3747 (LP: #269301)

wordpress (2.5.1-10) unstable; urgency=high

  * 007CVE2008-2392.patch modified.
   Now users chan dinamically choose to enable unrestricted upload for admins.
  * 010_REQUEST.patch added.
   This patch is only a workaround for #504771. Now cookies are properly
   checked; if something malicious is found wordpress stops any other execution
   until cookies are not cleaned.

 -- Stefan Lesicnik <email address hidden> Sun, 23 Nov 2008 18:12:33 +0200