Hot on the heels of WordPress version 5.2.3 which fixed a bunch of stuff we have WordPress 5.2.4 with fixes for six security issues. There is a certain trick to matching up what the WordPress Blog thinks has been fixed and the changsets between the old version and the new. The curious thing is there…
For working with Debian packages, one method of maintaining them is to put them in git and use git-buildpackage to build them right out of the git repository. There are a few pitfalls with it, notably around if you forget to import the upstream you get this strange treeish related error which still throws me at first when I see it.
Part of maintaining packages is to be able to fix security bugs in older versions of them that are found in stable and even sometimes old stable (jessie and wheezy respectively at the time of writing). At first I used to do this outside git because to me there wasn’t a clear way of doing it within it. This is not too satisfactory because it means you lose the benefits of using git in the first place, and for distributions you are more likely to need collaboration with, such as working with the security team or help with backporting.
…
Previously I posted a short article about the WordPress package for Debian and how that SID was getting the updated WordPress 4.0.1 which had some security fixes.
The question a lot of people were asking was: What about stable (or Wheezy). After way too much time due to other pressing issues, I have just uploaded the patched WordPress debian package for stable. The fixed version has the catchy number of 3.6.1~deb7u5. This package has all of the relevant patches that went in from WordPress 3.7.4 to 3.7.5 and there are even CVE IDs for this package (and 4.0.1 which all this stems from).
…
I was recently updating some code that uses fping. Initially it used exec() that was redirected to a temporary file but I changed it to use popen. While it had been a while since I’ve done this sort of thing, I do recall there was an issue with running popen on setuid binary. A later…
I was surprised at first to see that a long-standing bug in dspam had been fixed. Until that is, I realised it was from the Debian ftp masters and the reason the bug was closing was that dspam was being removed from the Debian archive. Damn! So, now what? What is a good…
Well if you can read this then you know it’s working. After way too many weeks, Debian will have WordPress version 3.8. Thanks to Raphaël for his kind assistance and answering my questions about how it was built. The upload is still gurgling along and will make it there in its own time. He said…
I really don’t know why ethernet device makers insist on making it hard for to use their products. Ethernet has been around for many, many years; surely its not too much to ask for drivers that “just work”. And so that’s the problem I currently have with my new computer. It has an onboard Ethernet…
pidof is a program that finds the PID of a named program. In some ways it is like a cut-down pgrep found in the procps package. pidof currently sits in sysvinit-tools. There are plans to move all utilities that use the proc filesystem under one package which will make the maintenance of them simpler, which…
You might (or not if you don’t visit) notice all my websites were down. A rushed apt-get dist-upgrade and I found two problems: PHP5 got removed, which is bad if you run a wordpress site that uses PHP to run The apache configuration has changed. Yes, the NEWS entries did warn me, if I read…
While I’ve been involve in Linux and Debian for many (15 or more) years, I’ve only ever been to one “major Linux thing” in all that time and that was manning some stall for Debian about 10 years ago. Well, let’s call it two because next week I’m off to the Linux.conf.au 2013 conference. I…