CVS commit: pkgsrc/www/wordpress

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/wordpress
From: "Daniel Horecki" <morr%netbsd.org@localhost>
Date: Wed, 25 Apr 2012 13:00:37 +0000

Module Name:    pkgsrc
Committed By:   morr
Date:           Wed Apr 25 13:00:37 UTC 2012

Modified Files:
        pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Security update to Wordpress 3.3.2.

Three external libraries included in WordPress received security updates:

* Plupload (version 1.5.4), which WordPress uses for uploading media.
* SWFUpload, which WordPress previously used for uploading media, and may still 
be in use by plugins.
* SWFObject, which WordPress previously used to embed Flash content, and may 
still be in use by plugins and themes.

WordPress 3.3.2 also addresses:

* Limited privilege escalation where a site administrator could deactivate 
network-wide plugins when running a WordPress network under particular 
circumstances.
* Cross-site scripting vulnerability when making URLs clickable.
* Cross-site scripting vulnerabilities in redirects after posting comments in 
older browsers, and when filtering URLs.


To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index