---
- branch: MAIN
  date: Sun Apr 13 14:10:59 UTC 2014
  files:
  - new: '1.39'
    old: '1.38'
    path: pkgsrc/www/wordpress/Makefile
    pathrev: pkgsrc/www/wordpress/Makefile@1.39
    type: modified
  - new: '1.31'
    old: '1.30'
    path: pkgsrc/www/wordpress/distinfo
    pathrev: pkgsrc/www/wordpress/distinfo@1.31
    type: modified
  id: 20140413T141059Z.42f6ee45e33990d12af2ced58461e3a401cd5694
  log: |
    Update to newest version of Wordpress, containing security fixes.

    It contains 9 bugfixes and 5 security fixes:

    * Potential authentication cookie forgery. CVE-2014-0166.
    * Privilege escalation: prevent contributors from publishing posts. CVE-2014-0165.
    * (Hardening) Pass along additional information when processing pingbacks to help hosts identify potentially abusive requests.
    * (Hardening) Fix a low-impact SQL injection by trusted users.
    * (Hardening) Prevent possible cross-domain scripting through Plupload, the third-party library WordPress uses for uploading files.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/wordpress'
  unixtime: '1397398259'
  user: morr