Navigation:
Browse pkgsrc
(this page) 2011-05-27 13:07:01 by Steven Drake | Files touched by this commit (2) |  |
Log message:
Pullup ticket #3441 - requested by morr
www/wordpress security update
Revisions pulled up:
- www/wordpress/Makefile 1.19
- www/wordpress/distinfo 1.15
---
Module Name: pkgsrc
Committed By: morr
Date: Thu May 26 22:59:38 UTC 2011
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log message:
Security update to 3.1.3.
* Various security hardening by Alexander Concha.
* Taxonomy query hardening by John Lamansky.
* Prevent sniffing out user names of non-authors by using canonical
redirects. Props VerĂ³nica Valeros.
* Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of
Microsoft, and Microsoft Vulnerability Research.
* Improves file upload security on hosts with dangerous security
settings.
* Cleans up old WordPress import files if the import does not finish.
* Introduce "clickjacking" protection in modern browsers on admin and
login pages.
|
| 2011-05-09 06:59:08 by Steven Drake | Files touched by this commit (2) | |
Log message:
Pullup ticket #3425 - requested by morr
www/wordpress security update.
Revisions pulled up:
- www/wordpress/Makefile 1.18
- www/wordpress/distinfo 1.14
---
Module Name: pkgsrc
Committed By: morr
Date: Sun May 8 20:43:36 UTC 2011
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log message:
Security update to 3.1.2.
* Fix a vulnerability that allowed Contributor-level users to improperly
publish posts.
* Fix user queries ordered by post count.
* Fix multiple tag queries.
* Prevent over-escaping of post titles when using Quick Edit for pages.
|
| 2011-04-11 16:20:17 by Matthias Scheler | Files touched by this commit (2) | |
Log message: Pullup ticket #3408 - requested by morr www/wordpress security update Revisions pulled up: - www/wordpress/Makefile 1.17 - www/wordpress/distinfo 1.13 --- Module Name: pkgsrc Committed By: morr Date: Sat Apr 9 00:57:43 UTC 2011 Modified Files: pkgsrc/www/wordpress: Makefile distinfo Log message: Update to wordpress 3.1.1. This maintenance and security release fixes almost thirty issues in 3.1, including: * Some security hardening to media uploads * Performance improvements * Fixes for IIS6 support * Fixes for taxonomy and PATHINFO (/index.php/) permalinks * Fixes for various query and taxonomy edge cases that caused some plugin compatibility issues Version 3.1.1 also addresses three security issues discovered by WordPress core developers Jon Cave and Peter Westwood, of wordpress's security team. The first hardens CSRF prevention in the media uploader. The second avoids a PHP crash in certain environments when handling devilishly devised links in comments, and the third addresses an XSS flaw. |
New packages: