Next | Query returned 3 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2010-12-31 08:12:18 by Steven Drake | Files touched by this commit (2) | Package updated
Log message:
Pullup ticket #3314 - requested by morr
wordpress critical security update.

Revisions pulled up:
- www/wordpress/Makefile	1.14
- www/wordpress/distinfo	1.10

-------------------------------------------------------------------------
Module Name:	pkgsrc
Committed By:	morr
Date:		Thu Dec 30 22:27:45 UTC 2010

Modified Files:
	pkgsrc/www/wordpress: Makefile distinfo

Log message:
Critical security update.
ChangeLog:

* Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
  to attribute names. Handle padded entities when checking for bad
  protocols. Normalize entities before checking for bad protocols in
  esc_url().
   2010-12-12 16:34:39 by Matthias Scheler | Files touched by this commit (2) | Package updated
Log message:
Pullup ticket #3300 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile			1.13
- www/wordpress/distinfo			1.9
---
Module Name:	pkgsrc
Committed By:	morr
Date:		Fri Dec 10 23:34:18 UTC 2010

Modified Files:
	pkgsrc/www/wordpress: Makefile distinfo

Log message:
Security update to 3.0.3. Changes:

Fixes issues in the XML-RPC remote publishing interface which under certain \ 
circumstances allowed Author- and Contributor-level users to improperly edit, \ 
publish or delete posts.
   2010-12-07 13:08:21 by Matthias Scheler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #3296 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile			1.12
- www/wordpress/PLIST				1.7
- www/wordpress/distinfo			1.8
---
Module Name:	pkgsrc
Committed By:	morr
Date:		Sun Dec  5 16:46:29 UTC 2010

Modified Files:
	pkgsrc/www/wordpress: Makefile PLIST distinfo

Log message:
Security update. Changes:

* Fix moderate security issue where a malicious Author-level user could
  gain further access to the site.

* Remove pingback/trackback blogroll whitelisting feature as it can
  easily be abused.
* Fix canonical redirection for permalinks containing %category% with
  nested categories and paging.
* Fix occasional irrelevant error messages on plugin activation.
* Minor XSS fixes in request_filesystem_credentials() and when deleting
  a plugin.
* Clarify the license in the readme
* Multisite: Fix the delete_user meta capability
* Multisite: Force current_user_can_for_blog() to run map_meta_cap()
  even for super admins
* Multisite: Fix ms-files.php content type headers when requesting a
  URL with a query string
* Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for
  upgraded WordPress MU installs

While here, set license.

Next | Query returned 3 messages, browsing 1 to 10 | previous