[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks

WordPress Trac noreply at wordpress.org
Wed Apr 3 03:07:08 UTC 2019

#39309: Secure WordPress Against Infrastructure Attacks
 Reporter:  paragoninitiativeenterprises  |       Owner:  pento
     Type:  task (blessed)                |      Status:  assigned
 Priority:  normal                        |   Milestone:  5.2
Component:  Upgrade/Install               |     Version:  4.8
 Severity:  critical                      |  Resolution:
 Keywords:  has-patch                     |     Focuses:

Comment (by dd32):

 After reviewing the error debugging included, it looks like we've got a
 few clients failing to verify signatures, but the reason isn't jumping out
 at me straight away.

 While it could be developers debugging the functionality,
 [attachment:"39309-extra-debugging.diff"] adds some extra debugging data
 to the payload to identify the PHP version, and Sodium Version (or
 sodium_compat version) in use which should help narrow down any

Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:68>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list