pkgsrc.se | The NetBSD package collection

Subject: CVS commit: [pkgsrc-2010Q3] pkgsrc/www/wordpress
From: Steven Drake
Date: 2010-12-31 08:12:18
Message id: 20101231071219.0EAC6175DD@cvs.netbsd.org

Log Message:
Pullup ticket #3314 - requested by morr
wordpress critical security update.

Revisions pulled up:
- www/wordpress/Makefile	1.14
- www/wordpress/distinfo	1.10

-------------------------------------------------------------------------
Module Name:	pkgsrc
Committed By:	morr
Date:		Thu Dec 30 22:27:45 UTC 2010

Modified Files:
	pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Critical security update.
ChangeLog:

* Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
  to attribute names. Handle padded entities when checking for bad
  protocols. Normalize entities before checking for bad protocols in
  esc_url().

Files:

Revision	Action	file
1.11.2.3	modify	pkgsrc/www/wordpress/Makefile
1.7.2.3	modify	pkgsrc/www/wordpress/distinfo