CVS commit: pkgsrc/www/wordpress

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/wordpress
From: "Daniel Horecki" <morr%netbsd.org@localhost>
Date: Sun, 13 Apr 2014 14:10:59 +0000

Module Name:    pkgsrc
Committed By:   morr
Date:           Sun Apr 13 14:10:59 UTC 2014

Modified Files:
        pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Update to newest version of Wordpress, containing security fixes.

It contains 9 bugfixes and 5 security fixes:

* Potential authentication cookie forgery. CVE-2014-0166.
* Privilege escalation: prevent contributors from publishing posts. 
CVE-2014-0165.
* (Hardening) Pass along additional information when processing pingbacks to 
help hosts identify potentially abusive requests.
* (Hardening) Fix a low-impact SQL injection by trusted users.
* (Hardening) Prevent possible cross-domain scripting through Plupload, the 
third-party library WordPress uses for uploading files.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/devel/ocaml-findlib
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/devel/ocaml-findlib
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index