[pkgsrc/trunk]: pkgsrc/www/wordpress Security update 4.7.5. Bugs fixed:

[jklos <jklos%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/840e0e3a39fc
branches:  trunk
changeset: 362997:840e0e3a39fc
user:      jklos <jklos%pkgsrc.org@localhost>
date:      Tue May 30 07:20:15 2017 +0000

description:
Security update 4.7.5. Bugs fixed:

Insufficient redirect validation in the HTTP class. Reported by Ronni
Skansing.
Improper handling of post meta data values in the XML-RPC API. Reported by
Sam Thomas.
Lack of capability checks for post meta data in the XML-RPC API. Reported
by Ben Bidner of the WordPress Security Team.
A Cross Site Request Forgery (CSRF)  vulnerability was discovered in the
filesystem credentials dialog. Reported by Yorick Koster.
A cross-site scripting (XSS) vulnerability was discovered when attempting
to upload very large files. Reported by Ronni Skansing.
A cross-site scripting (XSS) vulnerability was discovered related to the
Customizer. Reported by Weston Ruter of the WordPress Security Team.

diffstat:

 www/wordpress/Makefile |   6 +++---
 www/wordpress/distinfo |  10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diffs (30 lines):

diff -r 016ba8fd14aa -r 840e0e3a39fc www/wordpress/Makefile
--- a/www/wordpress/Makefile    Mon May 29 23:24:55 2017 +0000
+++ b/www/wordpress/Makefile    Tue May 30 07:20:15 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.67 2017/04/15 15:46:29 taca Exp $
+# $NetBSD: Makefile,v 1.68 2017/05/30 07:20:15 jklos Exp $
 
 DISTNAME=              wordpress-${VERSION}
-VERSION=               4.7.3
-PKGREVISION=           1
+VERSION=               4.7.5
+PKGREVISION=           0
 CATEGORIES=            www
 MASTER_SITES=          http://wordpress.org/
 
diff -r 016ba8fd14aa -r 840e0e3a39fc www/wordpress/distinfo
--- a/www/wordpress/distinfo    Mon May 29 23:24:55 2017 +0000
+++ b/www/wordpress/distinfo    Tue May 30 07:20:15 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.53 2017/03/07 17:39:13 morr Exp $
+$NetBSD: distinfo,v 1.54 2017/05/30 07:20:15 jklos Exp $
 
-SHA1 (wordpress-4.7.3.tar.gz) = 35adcd8162eae00d5bc37f35344fdc06b22ffc98
-RMD160 (wordpress-4.7.3.tar.gz) = 5030cb6bc1f54bfdd1f81033c44ac3991e016d63
-SHA512 (wordpress-4.7.3.tar.gz) = 071df65c3a43557faf351838a661a83e26d8de37c8633dc17a59d773cc91caef640a625b0719606df1fc563fd18af71ba1da22a5b6f345339e73761754484dc5
-Size (wordpress-4.7.3.tar.gz) = 8008833 bytes
+SHA1 (wordpress-4.7.5.tar.gz) = fbe0ee1d9010265be200fe50b86f341587187302
+RMD160 (wordpress-4.7.5.tar.gz) = 040489202e8bff75fc2eafda0c11dd22cc6133f8
+SHA512 (wordpress-4.7.5.tar.gz) = 7d6e4feaf95c49ec7e68068687a399145613d90b5867616ac7a324c60f9107f2453c9f745a455b94e84ef12b191cb2ac67e6b4dd3b8f669e344ea63afc6988ca
+Size (wordpress-4.7.5.tar.gz) = 8037036 bytes