CVS commit: [pkgsrc-2014Q1] pkgsrc/www/wordpress

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2014Q1] pkgsrc/www/wordpress
From: "Matthias Scheler" <tron%netbsd.org@localhost>
Date: Mon, 14 Apr 2014 12:29:38 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Mon Apr 14 12:29:38 UTC 2014

Modified Files:
        pkgsrc/www/wordpress [pkgsrc-2014Q1]: Makefile distinfo

Log Message:
Pullup ticket #4370 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile                                        1.39
- www/wordpress/distinfo                                        1.31

---
   Module Name: pkgsrc
   Committed By:        morr
   Date:                Sun Apr 13 14:10:59 UTC 2014

   Modified Files:
        pkgsrc/www/wordpress: Makefile distinfo

   Log Message:
   Update to newest version of Wordpress, containing security fixes.

   It contains 9 bugfixes and 5 security fixes:

   * Potential authentication cookie forgery. CVE-2014-0166.
   * Privilege escalation: prevent contributors from publishing posts. 
CVE-2014-0165.
   * (Hardening) Pass along additional information when processing pingbacks to 
help hosts identify potentially abusive requests.
   * (Hardening) Fix a low-impact SQL injection by trusted users.
   * (Hardening) Prevent possible cross-domain scripting through Plupload, the 
third-party library WordPress uses for uploading files.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.38.2.1 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.30 -r1.30.2.1 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [pkgsrc-2014Q1] pkgsrc/lang
Next by Date: CVS commit: pkgsrc/textproc/p5-YAML-LibYAML
Previous by Thread: CVS commit: [pkgsrc-2014Q1] pkgsrc/lang
Next by Thread: CVS commit: pkgsrc/textproc/p5-YAML-LibYAML
Indexes:

Home | Main Index | Thread Index | Old Index