kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Security update to version 3.9.2

Browse source 
Changes:

* Fixes a possible denial of service issue in PHP’s XML processing, reported by
  Nir Goldshlager of the Salesforce.com Product Security Team. Fixed by Michael
  Adams and Andrew Nacin of the WordPress security team and David Rothstein of
  the Drupal security team.
* Fixes a possible but unlikely code execution when processing widgets
  (WordPress is not affected by default), discovered by Alex Concha of the
  WordPress security team.
* Prevents information disclosure via XML entity attacks in the external GetID3
  library, reported by Ivan Novikov of ONSec.
* Adds protections against brute attacks against CSRF tokens, reported by David
  Tomaschik of the Google Security Team.
* Contains some additional security hardening, like preventing cross-site
  scripting that could be triggered only by administrators.
This commit is contained in:
morr 2014-08-17 08:48:33 +00:00
parent 9cea3f4878
commit 7e91482f99
3 changed files with 8 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
www/wordpress/Makefile
View file

@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.40 2014/05/16 19:55:07 morr Exp $
# $NetBSD: Makefile,v 1.41 2014/08/17 08:48:33 morr Exp $
DISTNAME= wordpress-${VERSION}
VERSION= 3.9.1
VERSION= 3.9.2
CATEGORIES= www
MASTER_SITES= http://wordpress.org/

3
www/wordpress/PLIST
View file

@ -1,4 +1,4 @@
@comment $NetBSD: PLIST,v 1.20 2014/05/16 19:55:07 morr Exp $
@comment $NetBSD: PLIST,v 1.21 2014/08/17 08:48:33 morr Exp $
share/doc/wordpress/license.txt
share/doc/wordpress/readme.html
share/examples/wordpress/wordpress.conf
@ -423,6 +423,7 @@ share/wordpress/wp-admin/widgets.php
share/wordpress/wp-blog-header.php
share/wordpress/wp-comments-post.php
share/wordpress/wp-content/index.php
share/wordpress/wp-content/plugins/akismet/.htaccess
share/wordpress/wp-content/plugins/akismet/_inc/akismet.css
share/wordpress/wp-content/plugins/akismet/_inc/akismet.js
share/wordpress/wp-content/plugins/akismet/_inc/form.js

8
www/wordpress/distinfo
View file

@ -1,5 +1,5 @@
$NetBSD: distinfo,v 1.32 2014/05/16 19:55:07 morr Exp $
$NetBSD: distinfo,v 1.33 2014/08/17 08:48:33 morr Exp $
SHA1 (wordpress-3.9.1.tar.gz) = 4c8cded9eb66bc82c9f13e24cfd005be530de52a
RMD160 (wordpress-3.9.1.tar.gz) = 8f1f9afe163a2a40296105453e4cb576de4e0a86
Size (wordpress-3.9.1.tar.gz) = 5812042 bytes
SHA1 (wordpress-3.9.2.tar.gz) = a2e3518bcf2733f9fa82f7a2bed09ab65ac63c72
RMD160 (wordpress-3.9.2.tar.gz) = eb0c24aa281885bfab8591d4f99f68255ed270d0
Size (wordpress-3.9.2.tar.gz) = 5813685 bytes