"We would like to announce that WordPress 18.104.22.168 is now released as we continue the availablity of a highly stable and extremely popular branch based on the 1.5 Strayhorn codebase. Development has moved on to some exciting new features for the next major release, but an important security issue was brought to our attention which required an update for our users. The problem is not yet public but you should update your blog as soon as possible to 22.214.171.124. If you are unable to do upgrade in the short-term you may protect yourself by deleting the xmlrpc.php file from your WordPress directory."
web-apps please bump.
At least they're getting their act together and making security releases now ;-
I will bump this tonight.
A little bit of miscommunication here. The vulnerabilities were present in
126.96.36.199, and fixed in 188.8.131.52. This includes the XML-RPC issues. Bumping now.
Thx Aaron, are you sure that only 184.108.40.206 were vulnerable?
[10:59:45] <@Koon> jaervosz: about wordpress I think versions < 220.127.116.11 are
Closing without GLSA since Wordpress is masked.
In fact wordpress is out of package.mask...
Calling arches to test and mark stable.
Stable on ppc.
Stable on SPARC.
Still missing ppc, x86 and amd64 stable keywords.
Just marking it locally, but not committing it doesn't help anybody. Stable on
ppc now, finally.
SuperLag is the current wordpress maintainer. I'm assuming he has a x86, so
he'd probably be the best candidate.
superlag marked x86 and amd64 stable