Bug 664873 - Known security issues in 2.9.1.1
Summary: Known security issues in 2.9.1.1
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: wordpress-mu
Version: rawhide
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: ---
Assignee: Bret McMillan
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-12-22 00:09 UTC by Ricky Zhou
Modified: 2011-01-27 18:23 UTC (History)
5 users (show)

Fixed In Version: wordpress-mu-2.9.2-3.el5
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-01-08 21:27:24 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Ricky Zhou 2010-12-22 00:09:47 UTC
The wordpress-mu package is at version 2.9.1.1, which contains known bugs, including a serious SQL injection bug (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605603).  I'm not sure if there is a released wordpress-mu where this bug is fixed.  It's probably worth starting talks with the wordpress maintainer about updating that to the latest version and dropping wordpress-mu, now that wordpress and wordpress-mu have merged into one project.

Comment 1 Michael Hampton 2010-12-22 04:35:47 UTC
WordPress MU requires a bit of manual intervention to update from 2.x to 3.0; see http://developersmind.com/2010/06/17/upgrading-wordpress-mu-2-9-2-to-wordpress-3-0/ for one tutorial.

It might be easier and less disruptive to backport security fixes for now, and target wordpress 3.0 for F15.

Comment 2 Fedora Update System 2010-12-23 16:17:46 UTC
wordpress-mu-2.9.2-2.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.fc13

Comment 3 Fedora Update System 2010-12-23 16:17:57 UTC
wordpress-mu-2.9.2-2.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.fc14

Comment 4 Fedora Update System 2010-12-23 16:18:10 UTC
wordpress-mu-2.9.2-2.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.el5

Comment 5 Fedora Update System 2010-12-31 20:58:15 UTC
wordpress-mu-2.9.2-2.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update wordpress-mu'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.fc14

Comment 6 Fedora Update System 2011-01-08 21:27:16 UTC
wordpress-mu-2.9.2-2.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2011-01-08 21:30:06 UTC
wordpress-mu-2.9.2-2.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2011-01-27 18:22:56 UTC
wordpress-mu-2.9.2-3.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.