pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2019Q4]: pkgsrc/www/wordpress Pullup ticket #6139 - requested ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/606b6a75bc32
branches:  pkgsrc-2019Q4
changeset: 411919:606b6a75bc32
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sun Feb 23 18:10:23 2020 +0000

description:
Pullup ticket #6139 - requested by morr
www/wordpress: security fix

Revisions pulled up:
- www/wordpress/Makefile                                        1.91
- www/wordpress/PLIST                                           1.42
- www/wordpress/distinfo                                        1.73

---
   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Sun Feb 23 09:59:42 UTC 2020

   Modified Files:
           pkgsrc/www/wordpress: Makefile PLIST distinfo

   Log Message:
   Update to version 5.3.2.

   Changes:

   Version 5.3.2:
   Maintenance updates
   - Date/Time: Ensure that get_feed_build_date() correctly handles a modified post object with invalid date.
   - Uploads: Fix file name collision in wp_unique_filename() when uploading a file with upper case extension on non case-sensitive file systems.
   - Media: Fix PHP warnings in wp_unique_filename() when the destination directory is unreadable.
   - Administration: Fix the colors in all color schemes for buttons with the .active class.
   - Tests/build tools: In wp_insert_post(), when checking the post date to set future or publish status, use a proper delta comparison.

   Version 5.3.1:
   Security fixes
   - Props to Daniel Bachhuber for finding an issue where an unprivileged user could make a post sticky via the REST API.
   - Props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where cross-site scripting (XSS) could be stored in well-crafted links.
   - Props to the WordPress.org Security Team for hardening wp_kses_bad_protocol() to ensure that it is aware of the named colon attribute.
   - Props to Nguyen The Duc for discovering a stored XSS vulnerability using block editor content.

   Maintenance updates
   - Administration: improvements to admin form controls height and alignment standardization (see related dev note), dashboard widget links accessibility and alternate color scheme readability 
issues (see related dev note).
   - Block editor: fix Edge scrolling issues and intermittent JavaScript issues.
   - Bundled themes: add customizer option to show/hide author bio, replace JS based smooth scroll with CSS (see related dev note) and fix Instagram embed CSS.
   - Date/time: improve non-GMT dates calculation, fix date format output in specific languages and make get_permalink() more resilient against PHP timezone changes.
   - Embeds: remove CollegeHumor oEmbed provider as the service doesn?t exist anymore.
   - External libraries: update sodium_compat.
   - Site health: allow the remind interval for the admin email verification to be filtered.
   - Uploads: avoid thumbnails overwriting other uploads when filename matches, and exclude PNG images from scaling after upload.
   - Users: ensure administration email verification uses the user?s locale instead of the site locale.

diffstat:

 www/wordpress/Makefile |   5 ++---
 www/wordpress/PLIST    |  10 +++++++++-
 www/wordpress/distinfo |  10 +++++-----
 3 files changed, 16 insertions(+), 9 deletions(-)

diffs (88 lines):

diff -r 1ab95abcbaee -r 606b6a75bc32 www/wordpress/Makefile
--- a/www/wordpress/Makefile    Sun Feb 23 15:16:34 2020 +0000
+++ b/www/wordpress/Makefile    Sun Feb 23 18:10:23 2020 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.90 2019/12/09 14:20:57 taca Exp $
+# $NetBSD: Makefile,v 1.90.4.1 2020/02/23 18:10:23 bsiegert Exp $
 
 DISTNAME=              wordpress-${VERSION}
-VERSION=               5.3
-PKGREVISION=           1
+VERSION=               5.3.2
 CATEGORIES=            www
 MASTER_SITES=          https://wordpress.org/
 
diff -r 1ab95abcbaee -r 606b6a75bc32 www/wordpress/PLIST
--- a/www/wordpress/PLIST       Sun Feb 23 15:16:34 2020 +0000
+++ b/www/wordpress/PLIST       Sun Feb 23 18:10:23 2020 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.41 2019/12/04 08:06:04 morr Exp $
+@comment $NetBSD: PLIST,v 1.41.4.1 2020/02/23 18:10:23 bsiegert Exp $
 share/doc/wordpress/license.txt
 share/doc/wordpress/readme.html
 share/examples/wordpress/wordpress.conf
@@ -1453,6 +1453,7 @@
 share/wordpress/wp-includes/js/heartbeat.min.js
 share/wordpress/wp-includes/js/hoverIntent.js
 share/wordpress/wp-includes/js/hoverIntent.min.js
+share/wordpress/wp-includes/js/hoverintent-js.min.js
 share/wordpress/wp-includes/js/imagesloaded.min.js
 share/wordpress/wp-includes/js/imgareaselect/border-anim-h.gif
 share/wordpress/wp-includes/js/imgareaselect/border-anim-v.gif
@@ -1792,6 +1793,7 @@
 share/wordpress/wp-includes/sodium_compat/lib/constants.php
 share/wordpress/wp-includes/sodium_compat/lib/namespaced.php
 share/wordpress/wp-includes/sodium_compat/lib/php72compat.php
+share/wordpress/wp-includes/sodium_compat/lib/php72compat_const.php
 share/wordpress/wp-includes/sodium_compat/lib/sodium_compat.php
 share/wordpress/wp-includes/sodium_compat/namespaced/Compat.php
 share/wordpress/wp-includes/sodium_compat/namespaced/Core/BLAKE2b.php
@@ -1821,6 +1823,9 @@
 share/wordpress/wp-includes/sodium_compat/namespaced/File.php
 share/wordpress/wp-includes/sodium_compat/src/Compat.php
 share/wordpress/wp-includes/sodium_compat/src/Core/BLAKE2b.php
+share/wordpress/wp-includes/sodium_compat/src/Core/Base64/Common.php
+share/wordpress/wp-includes/sodium_compat/src/Core/Base64/Original.php
+share/wordpress/wp-includes/sodium_compat/src/Core/Base64/UrlSafe.php
 share/wordpress/wp-includes/sodium_compat/src/Core/ChaCha20.php
 share/wordpress/wp-includes/sodium_compat/src/Core/ChaCha20/Ctx.php
 share/wordpress/wp-includes/sodium_compat/src/Core/ChaCha20/IetfCtx.php
@@ -1839,6 +1844,7 @@
 share/wordpress/wp-includes/sodium_compat/src/Core/Poly1305.php
 share/wordpress/wp-includes/sodium_compat/src/Core/Poly1305/State.php
 share/wordpress/wp-includes/sodium_compat/src/Core/Salsa20.php
+share/wordpress/wp-includes/sodium_compat/src/Core/SecretStream/State.php
 share/wordpress/wp-includes/sodium_compat/src/Core/SipHash.php
 share/wordpress/wp-includes/sodium_compat/src/Core/Util.php
 share/wordpress/wp-includes/sodium_compat/src/Core/X25519.php
@@ -1865,6 +1871,7 @@
 share/wordpress/wp-includes/sodium_compat/src/Core32/Poly1305.php
 share/wordpress/wp-includes/sodium_compat/src/Core32/Poly1305/State.php
 share/wordpress/wp-includes/sodium_compat/src/Core32/Salsa20.php
+share/wordpress/wp-includes/sodium_compat/src/Core32/SecretStream/State.php
 share/wordpress/wp-includes/sodium_compat/src/Core32/SipHash.php
 share/wordpress/wp-includes/sodium_compat/src/Core32/Util.php
 share/wordpress/wp-includes/sodium_compat/src/Core32/X25519.php
@@ -1873,6 +1880,7 @@
 share/wordpress/wp-includes/sodium_compat/src/Crypto.php
 share/wordpress/wp-includes/sodium_compat/src/Crypto32.php
 share/wordpress/wp-includes/sodium_compat/src/File.php
+share/wordpress/wp-includes/sodium_compat/src/PHP52/SplFixedArray.php
 share/wordpress/wp-includes/sodium_compat/src/SodiumException.php
 share/wordpress/wp-includes/spl-autoload-compat.php
 share/wordpress/wp-includes/taxonomy.php
diff -r 1ab95abcbaee -r 606b6a75bc32 www/wordpress/distinfo
--- a/www/wordpress/distinfo    Sun Feb 23 15:16:34 2020 +0000
+++ b/www/wordpress/distinfo    Sun Feb 23 18:10:23 2020 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.72 2019/12/04 08:06:04 morr Exp $
+$NetBSD: distinfo,v 1.72.4.1 2020/02/23 18:10:23 bsiegert Exp $
 
-SHA1 (wordpress-5.3.tar.gz) = e3edcb1131e539c2b2e10fed37f8b6683c824a98
-RMD160 (wordpress-5.3.tar.gz) = 9e52f5dfb0315d845f261d9ad5d14cf32f634e31
-SHA512 (wordpress-5.3.tar.gz) = 90a0df8a2b965c06ac10ba0dd3521b98bbd6040780bd2ccfa14a445bd2cbdb1311277563dd30f5cdc918a4177ec7c49e89260d95309fb08e271173f242fcfc07
-Size (wordpress-5.3.tar.gz) = 12372564 bytes
+SHA1 (wordpress-5.3.2.tar.gz) = fded476f112dbab14e3b5acddd2bcfa550e7b01b
+RMD160 (wordpress-5.3.2.tar.gz) = 4385dac6def9eeeb6fccdcc2b247ace9fc354b64
+SHA512 (wordpress-5.3.2.tar.gz) = d766d485d9a6a6efb2b92ffaec2ba1f773e55a6e018759bb6b196469b73db2857c34a3dfca1ac406e2b7066072a35c070c99f24b285a47b050e3d21317785198
+Size (wordpress-5.3.2.tar.gz) = 12389281 bytes



Home | Main Index | Thread Index | Old Index