[Bug 670349] New: next wordpress security update...
https://bugzilla.novell.com/show_bug.cgi?id=670349 https://bugzilla.novell.com/show_bug.cgi?id=670349#c0 Summary: next wordpress security update... Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: All OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: Infrastructure AssignedTo: mehle@novell.com ReportedBy: suse-beta@cboltz.de QAContact: lrupp@novell.com Found By: Beta-Customer Blocker: --- Matthew, it looks like wordpress is nearly as fast as you are ;-) About a week ago, you updated news.o.o/lizards.o.o to wordpress 3.0.4 (bug 663414). Now guess what: yesterday another security update was released that contains some XSS fixes. Details: http://codex.wordpress.org/Version_3.0.5 I recommend to upgrade to the latest version. Sidenote: On the long term, switching to Serendipity might be an option - it needs only one or two security updates per year ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c1
Matthew Ehle
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c2
--- Comment #2 from Christian Boltz
If openSUSE wants to look at Serendipity, I will be happy to help. However, is it more secure, or just more obscure? ;)
It IS more secure - that's not only my opinion, but also from some people I know that are quite paranoid about server security and at the same time really know what they are doing (one of them was server security boss at a big german freemail provider). BTW: The security issues Serendipity had were mostly caused by "foreign" code like the WYSIWYG editor library. The code that was written by the Serendipity developers only had minor issues. Serendipity also has some other advantages like smarty templates (instead of mixing PHP and HTML - already that can avoid several security issues), lots of available plugins, very responsible developers etc. Oh, and of course it can import the existing wordpress data ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c
Mike Elquist
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c3
Marcus Rückert
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c4
Lars Vogdt
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c
Barb Beckstead
https://bugzilla.novell.com/show_bug.cgi?id=670349
https://bugzilla.novell.com/show_bug.cgi?id=670349#c5
Christian Boltz
participants (1)
-
bugzilla_noreply@novell.com