pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/wordpress Security update to version 4.7.3.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/7c859e7ba9b8
branches:  trunk
changeset: 359338:7c859e7ba9b8
user:      morr <morr%pkgsrc.org@localhost>
date:      Tue Mar 07 17:39:13 2017 +0000

description:
Security update to version 4.7.3.

Fixed security bugs:

* Cross-site scripting (XSS) via media file metadata. Reported by Chris Andr?
  Dale, Yorick Koster, and Simon P. Briggs.
* Control characters can trick redirect URL validation. Reported by Daniel
  Chatfield.
* Unintended files can be deleted by administrators using the plugin deletion
  functionality. Reported by xuliang.
* Cross-site scripting (XSS) via video URL in YouTube embeds. Reported by Marc
  Montpas.
* Cross-site scripting (XSS) via taxonomy term names. Reported by Delta.
* Cross-site request forgery (CSRF) in Press This leading to excessive use of
  server resources. Reported by Sipke Mellema.

More information here: https://codex.wordpress.org/Version_4.7.3

diffstat:

 www/wordpress/Makefile |   4 ++--
 www/wordpress/PLIST    |   3 +--
 www/wordpress/distinfo |  10 +++++-----
 3 files changed, 8 insertions(+), 9 deletions(-)

diffs (45 lines):

diff -r 0ca3f48efb1c -r 7c859e7ba9b8 www/wordpress/Makefile
--- a/www/wordpress/Makefile    Tue Mar 07 16:28:35 2017 +0000
+++ b/www/wordpress/Makefile    Tue Mar 07 17:39:13 2017 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.62 2017/01/28 10:14:15 morr Exp $
+# $NetBSD: Makefile,v 1.63 2017/03/07 17:39:13 morr Exp $
 
 DISTNAME=              wordpress-${VERSION}
-VERSION=               4.7.2
+VERSION=               4.7.3
 CATEGORIES=            www
 MASTER_SITES=          http://wordpress.org/
 
diff -r 0ca3f48efb1c -r 7c859e7ba9b8 www/wordpress/PLIST
--- a/www/wordpress/PLIST       Tue Mar 07 16:28:35 2017 +0000
+++ b/www/wordpress/PLIST       Tue Mar 07 17:39:13 2017 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.32 2017/01/09 19:10:16 morr Exp $
+@comment $NetBSD: PLIST,v 1.33 2017/03/07 17:39:13 morr Exp $
 share/doc/wordpress/license.txt
 share/doc/wordpress/readme.html
 share/examples/wordpress/wordpress.conf
@@ -534,7 +534,6 @@
 share/wordpress/wp-content/plugins/akismet/views/notice.php
 share/wordpress/wp-content/plugins/akismet/views/start.php
 share/wordpress/wp-content/plugins/akismet/views/stats.php
-share/wordpress/wp-content/plugins/akismet/views/strict.php
 share/wordpress/wp-content/plugins/akismet/wrapper.php
 share/wordpress/wp-content/plugins/hello.php
 share/wordpress/wp-content/plugins/index.html
diff -r 0ca3f48efb1c -r 7c859e7ba9b8 www/wordpress/distinfo
--- a/www/wordpress/distinfo    Tue Mar 07 16:28:35 2017 +0000
+++ b/www/wordpress/distinfo    Tue Mar 07 17:39:13 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.52 2017/01/28 10:14:15 morr Exp $
+$NetBSD: distinfo,v 1.53 2017/03/07 17:39:13 morr Exp $
 
-SHA1 (wordpress-4.7.2.tar.gz) = 7b687f1af589c337124e6247229af209ec1d52c3
-RMD160 (wordpress-4.7.2.tar.gz) = 94d2c79636652913bdf3b4c7058003b6d5b3f7f2
-SHA512 (wordpress-4.7.2.tar.gz) = 610a820cf2eea39a60100515f68e95a7194a4e20df9c8158111b1978d5bc7c606dd2b7adf2f4019e9108a136e12eb2db7ae5ed75681cec23ffb901f8cc7fb83a
-Size (wordpress-4.7.2.tar.gz) = 7997959 bytes
+SHA1 (wordpress-4.7.3.tar.gz) = 35adcd8162eae00d5bc37f35344fdc06b22ffc98
+RMD160 (wordpress-4.7.3.tar.gz) = 5030cb6bc1f54bfdd1f81033c44ac3991e016d63
+SHA512 (wordpress-4.7.3.tar.gz) = 071df65c3a43557faf351838a661a83e26d8de37c8633dc17a59d773cc91caef640a625b0719606df1fc563fd18af71ba1da22a5b6f345339e73761754484dc5
+Size (wordpress-4.7.3.tar.gz) = 8008833 bytes



Home | Main Index | Thread Index | Old Index