- Update to 3.4.2 [1] [2] [3]

- Document security issue [4]

PR:		ports/171397 [1]
PR:		ports/171404 [2]
PR:		ports/171405 [3]
Submitted by:	Yuan-Chung Hsiao <ychsiao@ychsiao.org> (maintainer) [1]
Submitted by:	Joe Horn <joehorn@gmail.com> (maintainer) [2] [3]
Reviewed by:	eadler [4]
Security:	30149157-f926-11e1-95cd-001fd0af1a4c

chinese/wordpress-zh_CN/Makefile

@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	wordpress
-PORTVERSION=	3.4.1
+PORTVERSION=	3.4.2
 CATEGORIES=	chinese www
 MASTER_SITES=	http://cn.wordpress.org/ \
 		http://mirror.joehorn.idv.tw/wordpress/
@@ -20,7 +20,7 @@ LICENSE=	GPLv2
 
 WRKSRC=		${WRKDIR}/${PORTNAME}
 
-USE_PHP=	mysql pcre xml gd tokenizer
+USE_PHP=	curl gd mysql pcre tokenizer xml zip
 NO_BUILD=	YES
 WANT_PHP_WEB=	YES
 

chinese/wordpress-zh_CN/distinfo

@@ -1,2 +1,2 @@
-SHA256 (wordpress-3.4.1-zh_CN.tar.gz) = 243ee6297b63d6e3529de87db151c7c1903c7b5951422faeb28f561257c03b4b
-SIZE (wordpress-3.4.1-zh_CN.tar.gz) = 4938612
+SHA256 (wordpress-3.4.2-zh_CN.tar.gz) = 10095c73deb7d73f8a52f503de2c7f8e22affea59850897b0629167cf20efe52
+SIZE (wordpress-3.4.2-zh_CN.tar.gz) = 4938647

chinese/wordpress-zh_TW/Makefile

@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	wordpress
-PORTVERSION=	3.4.1
+PORTVERSION=	3.4.2
 CATEGORIES=	chinese www
 MASTER_SITES=	http://tw.wordpress.org/ \
 		http://mirror.joehorn.idv.tw/wordpress/
@@ -20,7 +20,7 @@ LICENSE=	GPLv2
 
 WRKSRC=		${WRKDIR}/${PORTNAME}
 
-USE_PHP=	mysql pcre xml gd tokenizer
+USE_PHP=	curl gd mysql pcre tokenizer xml zip
 NO_BUILD=	YES
 WANT_PHP_WEB=	YES
 

chinese/wordpress-zh_TW/distinfo

@@ -1,2 +1,2 @@
-SHA256 (wordpress-3.4.1-zh_TW.tar.gz) = 40f456dfd1d7ca313423775adddc4f9c3132e93d3083c0ced7aa99f57f902b82
-SIZE (wordpress-3.4.1-zh_TW.tar.gz) = 4939683
+SHA256 (wordpress-3.4.2-zh_TW.tar.gz) = 8aef4d86ac8f181ca499ab16948568f170b8a1e81ac4c330f7807f0965d3bfa1
+SIZE (wordpress-3.4.2-zh_TW.tar.gz) = 4924530

security/vuxml/vuln.xml

@@ -51,6 +51,35 @@ Note:  Please add new entries to the beginning of this file.
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="30149157-f926-11e1-95cd-001fd0af1a4c">
+    <topic>wordpress -- multiple unspecified privilege escalation bugs</topic>
+    <affects>
+      <package>
+	<name>wordpress</name>
+	<range><lt>3.4.2</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+       <p>Wordpress reports:</p>
+	<blockquote cite="http://wordpress.org/news/2012/09/wordpress-3-4-2/">
+	 <p>Version 3.4.2 also fixes a few security issues and contains some
+	    security hardening. The vulnerabilities included potential
+	    privilege escalation and a bug that affects multisite installs with
+	    untrusted users. These issues were discovered and fixed by the
+	    WordPress security team.</p>
+       </blockquote>
+      </body>
+    </description>
+    <references>
+      <url>http://wordpress.org/news/2012/09/wordpress-3-4-2/</url>
+    </references>
+    <dates>
+      <discovery>2012-09-06</discovery>
+      <entry>2012-09-07</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="4a8a98ab-f745-11e1-8bd8-0022156e8794">
     <topic>moinmoin -- cross-site scripting via RST parser</topic>
     <affects>

www/wordpress/Makefile

@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	wordpress
-PORTVERSION=	3.4.1
+PORTVERSION=	3.4.2
 PORTEPOCH=	1
 CATEGORIES=	www
 MASTER_SITES=	http://wordpress.org/

www/wordpress/distinfo

@@ -1,2 +1,2 @@
-SHA256 (wordpress-3.4.1.tar.gz) = c452c0b07e87ea6ce73e294a831d494eea9df43d8ca9140b087067d6a4166d15
-SIZE (wordpress-3.4.1.tar.gz) = 4536505
+SHA256 (wordpress-3.4.2.tar.gz) = e69acc6b6fdbffc166fd96f2264d578b4944ef3e451eb9650e8ca795b665eeb0
+SIZE (wordpress-3.4.2.tar.gz) = 4538716