pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2013Q1] pkgsrc/www/wordpress

Module Name:    pkgsrc
Committed By:   tron
Date:           Sat Jun 29 23:38:30 UTC 2013

Modified Files:
        pkgsrc/www/wordpress [pkgsrc-2013Q1]: Makefile PLIST distinfo

Log Message:
Pullup ticket #4166 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile                                        1.32-1.33
- www/wordpress/PLIST                                           1.15
- www/wordpress/distinfo                                        1.25

---
   Module Name: pkgsrc
   Committed By:        morr
   Date:                Mon Jun 24 16:13:21 UTC 2013

   Modified Files:
        pkgsrc/www/wordpress: Makefile distinfo

   Log Message:
   Security update to version 3.5.2.

   Fixed issues:

   * Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
   * Privilege Escalation: Contributors can publish posts, and users can 
reassign authorship. CVE-2013-2200.
   * Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
   * Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
   * Content Spoofing via Flash Applet in TinyMCE Media Plugin. CVE-2013-2204.
   * Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
   * Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.

   * Cross-Site Scripting (XSS) (Low Severity) when Editing Media. 
CVE-2013-2201.
   * Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating 
Plugins/Themes. CVE-2013-2201.
   * XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.

---
   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Mon Jun 24 16:16:42 UTC 2013

   Modified Files:
           pkgsrc/www/wordpress: Makefile

   Log Message:
   Remove pkgrevision bit

---
   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Thu Jun 27 08:04:57 UTC 2013

   Modified Files:
           pkgsrc/www/wordpress: PLIST

   Log Message:
   Fix PLIST file, unbreak build


To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.31.2.1 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.14 -r1.14.2.1 pkgsrc/www/wordpress/PLIST
cvs rdiff -u -r1.24 -r1.24.2.1 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home | Main Index | Thread Index | Old Index