Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2013-06-30 01:38:30 by Matthias Scheler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #4166 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile                                        1.32-1.33
- www/wordpress/PLIST                                           1.15
- www/wordpress/distinfo                                        1.25

---
   Module Name:	pkgsrc
   Committed By:	morr
   Date:		Mon Jun 24 16:13:21 UTC 2013

   Modified Files:
   	pkgsrc/www/wordpress: Makefile distinfo

   Log message:
   Security update to version 3.5.2.

   Fixed issues:

   * Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
   * Privilege Escalation: Contributors can publish posts, and users can \ 
reassign authorship. CVE-2013-2200.
   * Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
   * Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
   * Content Spoofing via Flash Applet in TinyMCE Media Plugin. CVE-2013-2204.
   * Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
   * Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.

   * Cross-Site Scripting (XSS) (Low Severity) when Editing Media. CVE-2013-2201.
   * Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating \ 
Plugins/Themes. CVE-2013-2201.
   * XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.

---
   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Mon Jun 24 16:16:42 UTC 2013

   Modified Files:
           pkgsrc/www/wordpress: Makefile

   Log message:
   Remove pkgrevision bit

---
   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Thu Jun 27 08:04:57 UTC 2013

   Modified Files:
           pkgsrc/www/wordpress: PLIST

   Log message:
   Fix PLIST file, unbreak build

Next | Query returned 1 messages, browsing 1 to 10 | previous