pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/wordpress

Module Name:    pkgsrc
Committed By:   morr
Date:           Sun Jan 27 07:51:37 UTC 2013

Modified Files:
        pkgsrc/www/wordpress: Makefile PLIST distinfo

Log Message:
This maintenance release addresses 37 bugs with version 3.5, including:

* Editor: Prevent certain HTML elements from being unexpectedly removed or
modified in rare cases.
* Media: Fix a collection of minor workflow and compatibility issues in the new
media manager.
* Networks: Suggest proper rewrite rules when creating a new network.
* Prevent scheduled posts from being stripped of certain HTML, such as video
embeds, when they are published.
* Work around some misconfigurations that may have caused some JavaScript in
the WordPress admin area to fail.
* Suppress some warnings that could occur when a plugin misused the database or
user APIs.

Additionally: Version 3.5.1 fixes a few security issues:

* Server-side request forgery (SSRF) and remote port scanning via pingbacks.
Fixed by the WordPress security team.
* Cross-site scripting (XSS) via shortcodes and post content. Discovered by Jon
Cave of the WordPress security team.
* Cross-site scripting (XSS) in the external library Plupload. Plupload 1.5.5
was released to address this issue.

To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/wordpress/PLIST
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index