Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Wordpress 2.2(.1): SQL injection, XSS, unrestricted file upload vulnerabilities
Alias: CVE-2007-3544
https://bugzilla.redhat.com/show_bug.cgi?id=245211
------- Additional Comments From john(a)ncphotography.com 2007-11-01 16:49 EST -------
Wordpress upstream is far from dead, they simply did not respond to my inquiry
regarding this specific vulnerability. They have made additional releases, and
we currently have version 2.2.3 available in FC7, 2.3.1 in devel. I'm as
comfortable having wordpress in the distro as I am with having various bugs I've
reported in RHEL still be open after multiple years, or closed with a WONTFIX
from PM.
--
Configure bugmail:
https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.