[wp-hackers] Exploit, or no?
Scott Merrill
skippy at skippy.net
Tue Jun 28 17:06:55 GMT 2005
This thread:
http://wordpress.org/support/topic/37482
was last responded to by Ryan on Saturday. Since then, some development
work has occured on WordPress in the form of SVN check-ins for Mark
Jaquith's get_id_by_permalink() work.
So, is there a confirmed vulnerability about which we should be
concerned? If so:
* are there any mitigating circumstances to lessen the threat?
* are there any steps we can take to protect ourselves until an official
update is released?
I'm not trying to be a gadfly; and I'm not trying to rush anything
along. But I _would_ want to see that thread marked "resolved", so that
regular folks don't worry that 'nothing happens' with regard to
WordPress security.
--
skippy at skippy.net | http://skippy.net/
gpg --keyserver pgp.mit.edu --recv-keys 9CFA4B35
506C F8BB 17AE 8A05 0B49 3544 476A 7DEC 9CFA 4B35
More information about the wp-hackers
mailing list