Ubuntu
wordpress package

Sync wordpress 3.6.1 (universe) from Debian stable-security

  1. Raring (13.04)
  2. Bug #1221040
Bug #1221040 reported by Jeremy Bícha
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
wordpress (Debian)
Fix Released
Unknown
wordpress (Ubuntu)
Fix Released
High
Unassigned
Precise
Won't Fix
High
Unassigned
Quantal
Won't Fix
High
Unassigned
Raring
Won't Fix
High
Unassigned
Saucy
Fix Released
High
Unassigned

Bug Description

WordPress only maintains a single stable release (like Google Chrome) and doesn't backport bug fixes or security fixes to old releases.

Debian has recently released WordPress 3.6.1, the latest security update, to both Debian Wheezy and Squeeze. Since we're in sync with Debian, we should just backport their packages.

3.6.1+dfsg-1~deb7u1 to quantal and raring
3.6.1+dfsg-1~deb6u1 to precise (the deb7 package needs newer packages than are available for precise)

http://pts.debian.net/media/packages/w/wordpress/changelog-3.6.1%2Bdfsg-1~deb7u1

Build logs at https://launchpad.net/~jbicha/+archive/dev/+packages

See original description
Jeremy Bícha (jbicha)
Changed in wordpress (Ubuntu Precise):
importance: Undecided → High
Changed in wordpress (Ubuntu Quantal):
importance: Undecided → High
Changed in wordpress (Ubuntu Raring):
importance: Undecided → High
Jeremy Bícha (jbicha)
summary: - Please update wordpress to 3.5.2
+ Sync wordpress 3.5.2 (universe) from Debian stable-security
tags: added: sync
description: updated
Bug Watch Updater (bug-watch-updater)
Changed in wordpress (Debian):
status: Unknown → Fix Released
Jeremy Bícha (jbicha)
summary: - Sync wordpress 3.5.2 (universe) from Debian stable-security
+ Sync wordpress 3.6.1 (universe) from Debian stable-security
description: updated
Revision history for this message
Jeremy Bícha (jbicha) wrote :

When testing with my PPA, it looks like the 3.6.1 .orig.tar.gz uploaded to saucy/sid is not the same as was uploading to Debian stable-security so a straight sync might be rejected by Launchpad.

Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

I believe upgrading to a new release will break existing installations until an administrator does some migration work. I don't think this is acceptable as a security update.

If you feel strongly that we should update our stable releases to 3.6.1, please discuss this with the SRU team and see if it can be done with an SRU.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

13.10 has 3.6.1+dfsg-1.

Changed in wordpress (Ubuntu Saucy):
status: New → Fix Released
Changed in wordpress (Ubuntu Precise):
status: New → Confirmed
Changed in wordpress (Ubuntu Quantal):
status: New → Confirmed
Changed in wordpress (Ubuntu Raring):
status: New → Confirmed
Jamie Strandboge (jdstrand)
Changed in wordpress (Ubuntu Raring):
status: Confirmed → Won't Fix
Rolf Leggewie (r0lf)
Changed in wordpress (Ubuntu Quantal):
status: Confirmed → Won't Fix
Revision history for this message
Steve Langasek (vorlon) wrote :

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release

Changed in wordpress (Ubuntu Precise):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.