Navigation:
Browse pkgsrc
(this page) 2017-06-21 20:52:40 by Benny Siegert | Files touched by this commit (3) |  |
Log message:
Pullup ticket #5487 - requested by sevan
www/wordpress: security fix
Revisions pulled up:
- www/wordpress/Makefile 1.68-1.69
- www/wordpress/PLIST 1.34
- www/wordpress/distinfo 1.54-1.55
---
Module Name: pkgsrc
Committed By: jklos
Date: Tue May 30 07:20:15 UTC 2017
Modified Files:
pkgsrc/www/wordpress: Makefile distinfo
Log message:
Security update 4.7.5. Bugs fixed:
Insufficient redirect validation in the HTTP class. Reported by Ronni
Skansing.
Improper handling of post meta data values in the XML-RPC API. Reported by
Sam Thomas.
Lack of capability checks for post meta data in the XML-RPC API. Reported
by Ben Bidner of the WordPress Security Team.
A Cross Site Request Forgery (CSRF) vulnerability was discovered in the
filesystem credentials dialog. Reported by Yorick Koster.
A cross-site scripting (XSS) vulnerability was discovered when attempting
to upload very large files. Reported by Ronni Skansing.
A cross-site scripting (XSS) vulnerability was discovered related to the
Customizer. Reported by Weston Ruter of the WordPress Security Team.
---
Module Name: pkgsrc
Committed By: morr
Date: Sun Jun 18 18:01:42 UTC 2017
Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo
Log message:
Update to newest version 4.8.
For changes, check https://codex.wordpress.org/Version_4.8.
|
New packages: