Navigation:
Browse pkgsrc
(this page) 2013-06-30 01:38:30 by Matthias Scheler | Files touched by this commit (3) |  |
Log message:
Pullup ticket #4166 - requested by morr
www/wordpress: security update
Revisions pulled up:
- www/wordpress/Makefile 1.32-1.33
- www/wordpress/PLIST 1.15
- www/wordpress/distinfo 1.25
---
Module Name: pkgsrc
Committed By: morr
Date: Mon Jun 24 16:13:21 UTC 2013
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log message:
Security update to version 3.5.2.
Fixed issues:
* Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
* Privilege Escalation: Contributors can publish posts, and users can \
reassign authorship. CVE-2013-2200.
* Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
* Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
* Content Spoofing via Flash Applet in TinyMCE Media Plugin. CVE-2013-2204.
* Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
* Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
* Cross-Site Scripting (XSS) (Low Severity) when Editing Media. CVE-2013-2201.
* Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating \
Plugins/Themes. CVE-2013-2201.
* XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.
---
Module Name: pkgsrc
Committed By: morr
Date: Mon Jun 24 16:16:42 UTC 2013
Modified Files:
pkgsrc/www/wordpress: Makefile
Log message:
Remove pkgrevision bit
---
Module Name: pkgsrc
Committed By: morr
Date: Thu Jun 27 08:04:57 UTC 2013
Modified Files:
pkgsrc/www/wordpress: PLIST
Log message:
Fix PLIST file, unbreak build
|
New packages: