Markus Koschany · Markus Koschany · Markus Koschany · Markus Koschany · Markus Koschany · c3ed204e
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1610,6 +1610,7 @@ CVE-2018-5776 (WordPress before 4.9.2 has XSS in the Flash fallback files in ...
 	- wordpress 4.9.2+dfsg-1 (bug #887596)
 	[stretch] - wordpress <not-affected> (Vulnerable files have been removed before)
 	[jessie] - wordpress <not-affected> (Vulnerable files have been removed before)
+	[wheezy] - wordpress <not-affected> (Vulnerable files have been removed before)
 	NOTE: For jessie and stretch version the files silverlightmediaelement.xap and
 	NOTE: flashmediaelement.swf have been removed with the 4.1+dfsg-1 version.
 	NOTE: sid in version 4.9.1+dfsg-1 did as well *not* have the files but track here the
@@ -20918,6 +20919,7 @@ CVE-2012-6707 (WordPress through 4.8.2 uses a weak MD5-based password hashing ..
 	- wordpress <unfixed> (bug #880868)
 	[stretch] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
 	[jessie] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
+	[wheezy] - wordpress <postponed> (Minor issue, can be revisited with upstream has picked a new hashing solution)
 	NOTE: https://core.trac.wordpress.org/ticket/21022
 	NOTE: Proposed patch (but not merged): https://core.trac.wordpress.org/attachment/ticket/21022/21022.3.diff
 	NOTE: Cf. https://core.trac.wordpress.org/ticket/21022#comment:80 and following.
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -61,12 +61,5 @@ openjdk-7 (Emilio Pozuelo)
 --
 p7zip
 --
-wordpress
-  NOTE: CVE-2012-6707: Fix requires migrating users from MD5 -> bcrypt. (lamby)
-  NOTE: This needs an upstream fix first, to ensure we don't implement a
-  NOTE: solution that is incompatable with other distributions. (Brian)
-  NOTE: 2018-08-09: Upstream bug opened 6 years ago and no chages to upstream
-  NOTE: bug in 7 weeks.
--
 xen
 --