Subject: CVS commit: [pkgsrc-2017Q3] pkgsrc/www/wordpress
From: Benny Siegert
Date: 2017-11-06 20:41:33
Message id: 20171106194133.240CAFBDE@cvs.NetBSD.org

Log Message:
Pullup ticket #5616 - requested by morr
www/wordpress: security fix

Revisions pulled up:
- www/wordpress/Makefile                                        1.73
- www/wordpress/PLIST                                           1.35
- www/wordpress/distinfo                                        1.58

---
   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Fri Nov  3 09:49:13 UTC 2017

   Modified Files:
           pkgsrc/www/wordpress: Makefile PLIST distinfo

   Log Message:
   Security update to version 4.8.3.

   WordPress versions 4.8.2 and earlier are affected by an issue where
   $wpdb->prepare() can create unexpected and unsafe queries leading to potential
   SQL injection (SQLi). WordPress core is not directly vulnerable to this issue,
   but we’ve added hardening to prevent plugins and themes from accidentally
   causing a vulnerability. Reported by Anthony Ferrara.

Files:
RevisionActionfile
1.72.4.1modifypkgsrc/www/wordpress/Makefile
1.34.6.1modifypkgsrc/www/wordpress/PLIST
1.57.4.1modifypkgsrc/www/wordpress/distinfo