Navigation:
Browse pkgsrc
(this page)
www wordpres..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2022-03-13 19:48:14 by Benny Siegert | Files touched by this commit (3) |  |
Log message:
Pullup ticket #6600 - requested by morr
www/wordpress: security fix
Revisions pulled up:
- www/wordpress/Makefile 1.103-1.104
- www/wordpress/PLIST 1.51
- www/wordpress/distinfo 1.87-1.88
---
Module Name: pkgsrc
Committed By: morr
Date: Tue Feb 22 23:14:24 UTC 2022
Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo
Log message:
Update to version 5.9.1
Changes for 5.9 are too big to list. You can view them here: \
https://wordpress.org/news/2022/01/josephine/
Changes in 5.9.1:
WordPress 5.9.1 features 33 bug fixes on Core, as well as 52 bug fixes for \
the Block \
Editor. The WordPress 5.9.1 release was led by Jean-Baptiste Audras and George \
Mamadashvili. The following core tickets from Trac were fixed:
#54250 Twenty Twenty One: Editor Buttons margins incompatible with gap
#54782 Default presets in use by default themes need to be updated
#54844 Unnecessary database queries when a block theme isn't in use
#54849 Site transients cause DB errors when installing
#54862 FSE Navigation Block Styling Submenu
#54886 "Show hidden updates" button is invisible
#54889 Cannot access "Manage menus" in Navigation block \
toolbar when running a \
classic theme #54896 TT2: Blank screen displayed for custom post type
#54900 PHP warning in `WP_REST_Global_Styles_Controller` if no `styles` \
exist in \
theme.json #54902 Media Library Overlay Drag-and-Drop To Reorder Images \
Does Not \
Work In WP 5.9 #54904 Bounce hoverIntent.js version in script-loader to 10.1.2
#54906 Check _get_cron_array type in upgrade_590 routine
#54908 Standard post type UI is exposed for templates and template parts
#54911 Twenty Twenty-Two: Theme Check Plugin issue for the image size
#54922 Normalizing CSS also catches CSS IDs instead of only URLs
#54928 Twenty Twenty-Two: 404 search label should be translated
#54929 Twenty Twenty-Two: Pricing Table pattern header levels should be \
consistent #54944 By applying a background color to a group block, it \
aligns to the \
left in the editor #54955 Custom fields issue
#54960 Media Library Dragging Option Isn't Reflected
#54977 Dashboard welcome banner: fix bug when displayed in certain contexts
#55018 Twenty Twenty-Two – Update theme URI link
#55072 Widgets editor: Widget Group is missing \
.wp-widget-group__inner-blocks \
container #55103 Twenty Twenty-Two: Restore padding for Group blocks with a \
background color #55109 Plugins no longer download to tmp folder
#55148 In block themes, styles should load in the head
#55151 View scripts of blocks are loaded in editor
#55161 Full Site Editing: PHP Warning with incomplete presets
#55177 Normalizing relative CSS links should skip data URIs
#55178 Allow fully extending WP_Theme_JSON and WP_Theme_JSON_Resolver classes
#55179 Backport bugfixes from Gutenberg into Core for WP 5.9.1
#55188 Block styles should load after global styles in the editor
#55190 Global styles duotone not rendering in post editor
The following block editor issues from GitHub were fixed:
PR38857 Fix for late static binding in the resolver
PR38780 Block Editor: Add settings to enable/disable auto anchor generation
PR38750 Load block support styles in the head for block themes
PR38745 Fix global styles loading logic
PR38695 Site Editor: Limit template part slugs to Latin chars
PR38671 Allow extending the WP_Theme_JSON_Gutenberg class
PR38656 Edit Site: Add template check to ‘setPage' action
PR38655 Add site editor initial redirect error handling
PR38649 Fix search block html handling for label and button text
PR38642 Gallery block: copy all attributes when transforming to Image blocks
PR38625 Allow child classes to use the private methods and constants
PR38561 Only apply the social links block migration if there's a need for a \
migration PR38516 Block preview: fix resize listener
PR38442 Duotone: Allow users to specify custom filters
PR38432 Remove the aria-label from the site title block
PR38399 Images: Try moving responsive rule to common.scss.
PR38362 Cover block: Add back missing styles
PR38310 Gallery block: fix bug with link destination default option not \
being \
set PR38189 Gallery: Ensure the last image takes up all available space
PR38070 Post Editor: Fix template queries
PR37983 Tree Grid: Fix keyboard navigation for expand/collapse table \
rows in \
Firefox PR37954 Fix duotone render in non-fse themes
PR37941 Unset inherited backgrounds on Posts Lists
PR37895 Site Editor: Fix broken ‘Redo' by removing faulty logic \
for discarding \
unsaved Logo changes PR37885 Load the global styles before the theme styles \
in the \
editor PR37853 Block.json schema: update fontSize and lineHeight props
PR37840 [History]: Fix redo after update/publish with transient edits
PR37778 Update core/archive block schema to reflect no block-level settings \
support PR37774 Spacer: Fix unit settings filter
PR37762 Schema: Fix appearanceTools in theme.json schema
PR37650 Site Editor: Add keyboard shortcut help modal
PR37647 Site Editor: Add the "Help" link to the tools menu
PR37644 Fix: Coloring panel is unusable in RTL
PR37569 Docs: Add automated theme.json reference documentation
PR37493 Update: make color style labels simpler
PR37486 Show UI warning if Pages cannot be retrieved in Page List block
PR37474 Fix empty gray circle when site has no logo on template list page
PR37430 Update: Allow color gradient popover to be above the color toggle
PR37425 Border panel: Collapse color controls
PR37248 Site editor – try redirecting to homepage before the \
react render
PR37165 Remove versioning in theme schema descriptions
PR37067 Update: PanelColorGradientSettings to use dropdowns
PR37034 Block Editor: Handle the absence of href attrib in links
PR36917 Update theme.json version
PR36746 Update theme.json schema to allow for per-block management of \
settings
PR36540 Post Featured Image: Move width and height controls into the \
Dimensions \
panel via SlotFill PR36411 Schemas: Allow custom blocks in theme.json styles
PR36343 Add pattern to name key in block.json Schema
PR36295 Schema: Allow block.json attribute type to be an array
PR36236 Fix duotone theme cache
PR36186 Spacer: add custom units for height and width
PR30873 Focus save button when entities save states panel is opened
---
Module Name: pkgsrc
Committed By: morr
Date: Sat Mar 12 17:16:30 UTC 2022
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log message:
Security fix for Wordpress.
Fixing 1 bug and 3 security bugs.
More informaton here:
https://wordpress.org/support/wordpress-version/version-5-9-2/
|
| 2022-01-14 08:33:32 by Benny Siegert | Files touched by this commit (3) | |
Log message:
Pullup ticket #6567 - requested by morr
www/wordpress: security fix
Revisions pulled up:
- www/wordpress/Makefile 1.102
- www/wordpress/PLIST 1.50
- www/wordpress/distinfo 1.86
---
Module Name: pkgsrc
Committed By: morr
Date: Mon Jan 10 20:48:20 UTC 2022
Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo
Log message:
Security update to 5.8.3.
Changes since 5.8:
5.8.3
4 security issues affect WordPress versions between 3.7 and 5.8. If you \
haven't yet updated to 5.8, all WordPress versions since 3.7 have also been \
updated to fix the following security issues:
* Props to Karim El Ouerghemmi and Simon Scannell of SonarSource for \
disclosing an issue with stored XSS through post slugs.
* Props to Simon Scannell of SonarSource for reporting an issue with Object \
injection in some multisite installations.
* Props to ngocnb and khuyenn from GiaoHangTietKiem JSC for working with \
Trend Micro Zero Day Initiative on reporting a SQL injection vulnerability in \
WP_Query.
* Props to Ben Bidner from the WordPress security team for reporting a SQL \
injection vulnerability in WP_Meta_Query.
More info on https://wordpress.org/support/wordpress-version/version-5-8-3/
5.8.2
1 security update and fixed 2 bugs.
More info on https://wordpress.org/support/wordpress-version/version-5-8-2/
5.8.1
3 security issues affects WordPress versions between 5.4 and 5.8. If you \
haven't yet updated to 5.8, all WordPress versions since 5.4 have also been \
updated to fix the following security issues:
* Props @mdawaffe, member of the WordPress Security Team for their work \
fixing a data exposure vulnerability within the REST API.
* Props to Michal Bentkowski of Securitum for reporting a XSS vulnerability \
in the block editor.
* The Lodash library has been updated to version 4.17.21 in each branch to \
incorporate upstream security fixes.
In addition to these issues, the security team would like to thank the \
following people for reporting vulnerabilities during the WordPress 5.8 beta \
testing period, allowing them to be fixed prior to release:
* Props Evan Ricafort for reporting a XSS vulnerability in the block editor \
discovered during the 5.8 release's beta period.
* Props Steve Henty for reporting a privilege escalation issue in the block \
editor.
More info on https://wordpress.org/support/wordpress-version/version-5-8-1/
|
New packages: