MIME-Version: 1.0
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"
Date: Fri, 31 Dec 2010 07:12:18 +0000
From: "Steven Drake" <sbd@netbsd.org>
Subject: CVS commit: [pkgsrc-2010Q3] pkgsrc/www/wordpress
To: pkgsrc-changes@NetBSD.org
Reply-To: sbd@netbsd.org
Message-Id: <20101231071219.0EAC6175DD@cvs.netbsd.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

Module Name:	pkgsrc
Committed By:	sbd
Date:		Fri Dec 31 07:12:18 UTC 2010

Modified Files:
	pkgsrc/www/wordpress [pkgsrc-2010Q3]: Makefile distinfo

Log Message:
Pullup ticket #3314 - requested by morr
wordpress critical security update.

Revisions pulled up:
- www/wordpress/Makefile	1.14
- www/wordpress/distinfo	1.10

-------------------------------------------------------------------------
Module Name:	pkgsrc
Committed By:	morr
Date:		Thu Dec 30 22:27:45 UTC 2010

Modified Files:
	pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Critical security update.
ChangeLog:

* Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
  to attribute names. Handle padded entities when checking for bad
  protocols. Normalize entities before checking for bad protocols in
  esc_url().


To generate a diff of this commit:
cvs rdiff -u -r1.11.2.2 -r1.11.2.3 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.7.2.2 -r1.7.2.3 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.