Received: by mail.netbsd.org (Postfix, from userid 605) id F173684DC2; Sun, 21 Jun 2020 16:42:57 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 7792184D88 for ; Sun, 21 Jun 2020 16:42:57 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id YFsLlQOIk_jP for ; Sun, 21 Jun 2020 16:42:56 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 2E31B84D28 for ; Sun, 21 Jun 2020 16:42:56 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 1D5ABFB28; Sun, 21 Jun 2020 16:42:56 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_159275777674570" MIME-Version: 1.0 Date: Sun, 21 Jun 2020 16:42:56 +0000 From: "Takahiro Kambe" Subject: CVS commit: pkgsrc/www/php-ja-wordpress To: pkgsrc-changes@NetBSD.org Reply-To: taca@netbsd.org X-Mailer: log_accum Message-Id: <20200621164256.1D5ABFB28@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_159275777674570 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: taca Date: Sun Jun 21 16:42:56 UTC 2020 Modified Files: pkgsrc/www/php-ja-wordpress: MESSAGE Makefile PLIST distinfo Log Message: www/php-ja-wordpress: update to 5.4.2 Update php-ja-wordpress to 5.4.2 pkgsrc changes: clean up Makefile a little. Quote from release document but omit maintenance updates for 5.4.1 and later. 5.3.2 (2019-12-18) Maintenance updates - Date/Time: Ensure that get_feed_build_date() correctly handles a modified post object with invalid date. - Uploads: Fix file name collision in wp_unique_filename() when uploading a file with upper case extension on non case-sensitive file systems. - Media: Fix PHP warnings in wp_unique_filename() when the destination directory is unreadable. - Administration: Fix the colors in all color schemes for buttons with the .active class. - Tests/build tools: In wp_insert_post(), when checking the post date to set future or publish status, use a proper delta comparison. 5.4 (2020-03-31) Too much to include here, visit https://wordpress.org/support/wordpress-version/version-5-4/ 5.4.1 (2020-04-29)5.4 Six security issues affect WordPress versions 5.4 and earlier; version 5.4.1 fixes them, so you'll want to upgrade. If you haven't yet updated to 5.4, there are also updated versions of 5.3 and earlier that fix the security issues. - Props to Muaz Bin Abdus Sattar and Jannes who both independently reported an issue where password reset tokens were not properly invalidated - Props to ka1n4t for finding an issue where certain private posts can be viewed unauthenticated - Props to Evan Ricafort for discovering an XSS issue in the Customizer - Props to Ben Bidner from the WordPress Security Team who discovered an XSS issue in the search block - Props to Nick Daugherty from WPVIP.com / WordPress Security Team who discovered an XSS issue in wp-object-cache - Props to Ronnie Goodrich (Kahoots) and Jason Medeiros who independently reported an XSS issue in file uploads. - Additionally, an authenticated XSS issue in the block editor was discovered by Nguyen the Duc in WordPress 5.4 RC1 and RC2. It was fixed in 5.4 RC5. We wanted to be sure to give credit and thank them for all of their work in making WordPress more secure. 5.4.2 (2020-06-10) Security Updates WordPress versions 5.4 and earlier are affected by the following bugs, which are fixed in version 5.4.2. If you haven't yet updated to 5.4, there are also updated versions of 5.3 and earlier that fix the security issues. - Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor. - Props to Luigi - (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files. - Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect(). - Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads. - Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation. - Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/php-ja-wordpress/MESSAGE cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/php-ja-wordpress/Makefile cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/php-ja-wordpress/PLIST cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/php-ja-wordpress/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_159275777674570 Content-Disposition: inline Content-Length: 11733 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/www/php-ja-wordpress/MESSAGE diff -u pkgsrc/www/php-ja-wordpress/MESSAGE:1.4 pkgsrc/www/php-ja-wordpress/MESSAGE:1.5 --- pkgsrc/www/php-ja-wordpress/MESSAGE:1.4 Sun Oct 26 07:11:51 2014 +++ pkgsrc/www/php-ja-wordpress/MESSAGE Sun Jun 21 16:42:55 2020 @@ -1,10 +1,10 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.4 2014/10/26 07:11:51 ryoon Exp $ +$NetBSD: MESSAGE,v 1.5 2020/06/21 16:42:55 taca Exp $ To use Japanese localized WordPress with Apache httpd 2.4 and php-fpm, you will need to perform the following steps. -1. Install databases/mysql55-server, and enable it, and set root password. +1. Install databases/mysql57-server, and enable it, and set root password. 2. Create the database for WordPress. Index: pkgsrc/www/php-ja-wordpress/Makefile diff -u pkgsrc/www/php-ja-wordpress/Makefile:1.18 pkgsrc/www/php-ja-wordpress/Makefile:1.19 --- pkgsrc/www/php-ja-wordpress/Makefile:1.18 Mon Dec 16 16:52:40 2019 +++ pkgsrc/www/php-ja-wordpress/Makefile Sun Jun 21 16:42:55 2020 @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.18 2019/12/16 16:52:40 taca Exp $ +# $NetBSD: Makefile,v 1.19 2020/06/21 16:42:55 taca Exp $ DISTNAME= wordpress-${VERSION}-ja PKGNAME= ${PHP_PKG_PREFIX}-ja-wordpress-${VERSION} -VERSION= 5.3.1 +VERSION= 5.4.2 CATEGORIES= www MASTER_SITES= https://ja.wordpress.org/ @@ -29,7 +29,7 @@ BUILD_DEFS+= WWW_USER WWW_GROUP APACHE_ EGDIR= ${PREFIX}/share/examples/ja-wordpress DOCDIR= ${PREFIX}/share/doc/ja-wordpress WPHOME= ${PREFIX}/share/ja-wordpress -MESSAGE_SUBST+= PKG_PHP_MAJOR_VERS=${PKG_PHP_MAJOR_VERS} +FILES_SUBST+= WPHOME=${WPHOME} MESSAGE_SUBST+= DOCDIR=${DOCDIR} CONF_FILES+= ${EGDIR}/ja-wordpress.conf ${PKG_SYSCONFDIR}/ja-wordpress.conf @@ -62,7 +62,6 @@ post-extract: do-install: ${INSTALL_DATA} ${WRKSRC}/readme.html ${DESTDIR}${DOCDIR} ${INSTALL_DATA} ${WRKSRC}/license.txt ${DESTDIR}${DOCDIR} - ${INSTALL_DATA} ${WRKSRC}/wp-config-sample.php ${DESTDIR}${EGDIR} ${INSTALL_DATA} ${WRKDIR}/ja-wordpress.conf ${DESTDIR}${EGDIR} Index: pkgsrc/www/php-ja-wordpress/PLIST diff -u pkgsrc/www/php-ja-wordpress/PLIST:1.11 pkgsrc/www/php-ja-wordpress/PLIST:1.12 --- pkgsrc/www/php-ja-wordpress/PLIST:1.11 Mon Dec 16 16:52:40 2019 +++ pkgsrc/www/php-ja-wordpress/PLIST Sun Jun 21 16:42:55 2020 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.11 2019/12/16 16:52:40 taca Exp $ +@comment $NetBSD: PLIST,v 1.12 2020/06/21 16:42:55 taca Exp $ share/doc/ja-wordpress/license.txt share/doc/ja-wordpress/readme.html share/examples/ja-wordpress/ja-wordpress.conf @@ -449,8 +449,6 @@ share/ja-wordpress/wp-admin/js/widgets/t share/ja-wordpress/wp-admin/js/widgets/text-widgets.min.js share/ja-wordpress/wp-admin/js/word-count.js share/ja-wordpress/wp-admin/js/word-count.min.js -share/ja-wordpress/wp-admin/js/wp-fullscreen-stub.js -share/ja-wordpress/wp-admin/js/wp-fullscreen-stub.min.js share/ja-wordpress/wp-admin/js/xfn.js share/ja-wordpress/wp-admin/js/xfn.min.js share/ja-wordpress/wp-admin/link-add.php @@ -571,6 +569,7 @@ share/ja-wordpress/wp-content/languages/ share/ja-wordpress/wp-content/languages/ja-803bf1ce2131e13efc590c1bc47851fc.json share/ja-wordpress/wp-content/languages/ja-81c889563f09dd13de1701135dc62941.json share/ja-wordpress/wp-content/languages/ja-8860e58c20c6a2ab5876a0f07be43bd9.json +share/ja-wordpress/wp-content/languages/ja-947c76bb5095da30e16668eec15406b2.json share/ja-wordpress/wp-content/languages/ja-a25d1cc7bf7ca0b4e114f6bea64943f4.json share/ja-wordpress/wp-content/languages/ja-bf0f094965d3d4a95b47babcb35fc136.json share/ja-wordpress/wp-content/languages/ja-daeb084aab42199d26393a56c3465bc0.json @@ -595,6 +594,7 @@ share/ja-wordpress/wp-content/plugins/ak share/ja-wordpress/wp-content/plugins/akismet/_inc/form.js share/ja-wordpress/wp-content/plugins/akismet/_inc/img/logo-full-2x.png share/ja-wordpress/wp-content/plugins/akismet/akismet.php +share/ja-wordpress/wp-content/plugins/akismet/changelog.txt share/ja-wordpress/wp-content/plugins/akismet/class.akismet-admin.php share/ja-wordpress/wp-content/plugins/akismet/class.akismet-cli.php share/ja-wordpress/wp-content/plugins/akismet/class.akismet-rest-api.php @@ -632,6 +632,7 @@ share/ja-wordpress/wp-content/themes/twe share/ja-wordpress/wp-content/themes/twentynineteen/inc/back-compat.php share/ja-wordpress/wp-content/themes/twentynineteen/inc/color-patterns.php share/ja-wordpress/wp-content/themes/twentynineteen/inc/customizer.php +share/ja-wordpress/wp-content/themes/twentynineteen/inc/helper-functions.php share/ja-wordpress/wp-content/themes/twentynineteen/inc/icon-functions.php share/ja-wordpress/wp-content/themes/twentynineteen/inc/template-functions.php share/ja-wordpress/wp-content/themes/twentynineteen/inc/template-tags.php @@ -952,6 +953,7 @@ share/ja-wordpress/wp-includes/Text/Diff share/ja-wordpress/wp-includes/Text/Diff/Renderer.php share/ja-wordpress/wp-includes/Text/Diff/Renderer/inline.php share/ja-wordpress/wp-includes/admin-bar.php +share/ja-wordpress/wp-includes/assets/script-loader-packages.php share/ja-wordpress/wp-includes/atomlib.php share/ja-wordpress/wp-includes/author-template.php share/ja-wordpress/wp-includes/blocks.php @@ -964,6 +966,9 @@ share/ja-wordpress/wp-includes/blocks/la share/ja-wordpress/wp-includes/blocks/rss.php share/ja-wordpress/wp-includes/blocks/search.php share/ja-wordpress/wp-includes/blocks/shortcode.php +share/ja-wordpress/wp-includes/blocks/shortcode/block.json +share/ja-wordpress/wp-includes/blocks/social-link.php +share/ja-wordpress/wp-includes/blocks/social-link/block.json share/ja-wordpress/wp-includes/blocks/tag-cloud.php share/ja-wordpress/wp-includes/bookmark-template.php share/ja-wordpress/wp-includes/bookmark.php @@ -1035,6 +1040,7 @@ share/ja-wordpress/wp-includes/class-wp- share/ja-wordpress/wp-includes/class-wp-metadata-lazyloader.php share/ja-wordpress/wp-includes/class-wp-network-query.php share/ja-wordpress/wp-includes/class-wp-network.php +share/ja-wordpress/wp-includes/class-wp-object-cache.php share/ja-wordpress/wp-includes/class-wp-oembed-controller.php share/ja-wordpress/wp-includes/class-wp-oembed.php share/ja-wordpress/wp-includes/class-wp-paused-extensions-storage.php @@ -1091,6 +1097,10 @@ share/ja-wordpress/wp-includes/css/custo share/ja-wordpress/wp-includes/css/customize-preview.min.css share/ja-wordpress/wp-includes/css/dashicons.css share/ja-wordpress/wp-includes/css/dashicons.min.css +share/ja-wordpress/wp-includes/css/dist/block-directory/style-rtl.css +share/ja-wordpress/wp-includes/css/dist/block-directory/style-rtl.min.css +share/ja-wordpress/wp-includes/css/dist/block-directory/style.css +share/ja-wordpress/wp-includes/css/dist/block-directory/style.min.css share/ja-wordpress/wp-includes/css/dist/block-editor/style-rtl.css share/ja-wordpress/wp-includes/css/dist/block-editor/style-rtl.min.css share/ja-wordpress/wp-includes/css/dist/block-editor/style.css @@ -1282,6 +1292,7 @@ share/ja-wordpress/wp-includes/images/to share/ja-wordpress/wp-includes/images/toggle-arrow.png share/ja-wordpress/wp-includes/images/uploader-icons-2x.png share/ja-wordpress/wp-includes/images/uploader-icons.png +share/ja-wordpress/wp-includes/images/w-logo-blue-white-bg.png share/ja-wordpress/wp-includes/images/w-logo-blue.png share/ja-wordpress/wp-includes/images/wlw/wp-comments.png share/ja-wordpress/wp-includes/images/wlw/wp-icon.png @@ -1344,6 +1355,8 @@ share/ja-wordpress/wp-includes/js/dist/a share/ja-wordpress/wp-includes/js/dist/autop.min.js share/ja-wordpress/wp-includes/js/dist/blob.js share/ja-wordpress/wp-includes/js/dist/blob.min.js +share/ja-wordpress/wp-includes/js/dist/block-directory.js +share/ja-wordpress/wp-includes/js/dist/block-directory.min.js share/ja-wordpress/wp-includes/js/dist/block-editor.js share/ja-wordpress/wp-includes/js/dist/block-editor.min.js share/ja-wordpress/wp-includes/js/dist/block-library.js @@ -1388,6 +1401,8 @@ share/ja-wordpress/wp-includes/js/dist/i share/ja-wordpress/wp-includes/js/dist/i18n.min.js share/ja-wordpress/wp-includes/js/dist/is-shallow-equal.js share/ja-wordpress/wp-includes/js/dist/is-shallow-equal.min.js +share/ja-wordpress/wp-includes/js/dist/keyboard-shortcuts.js +share/ja-wordpress/wp-includes/js/dist/keyboard-shortcuts.min.js share/ja-wordpress/wp-includes/js/dist/keycodes.js share/ja-wordpress/wp-includes/js/dist/keycodes.min.js share/ja-wordpress/wp-includes/js/dist/list-reusable-blocks.js @@ -1400,6 +1415,8 @@ share/ja-wordpress/wp-includes/js/dist/n share/ja-wordpress/wp-includes/js/dist/nux.min.js share/ja-wordpress/wp-includes/js/dist/plugins.js share/ja-wordpress/wp-includes/js/dist/plugins.min.js +share/ja-wordpress/wp-includes/js/dist/primitives.js +share/ja-wordpress/wp-includes/js/dist/primitives.min.js share/ja-wordpress/wp-includes/js/dist/priority-queue.js share/ja-wordpress/wp-includes/js/dist/priority-queue.min.js share/ja-wordpress/wp-includes/js/dist/redux-routine.js @@ -1422,6 +1439,8 @@ share/ja-wordpress/wp-includes/js/dist/v share/ja-wordpress/wp-includes/js/dist/vendor/react-dom.min.js share/ja-wordpress/wp-includes/js/dist/vendor/react.js share/ja-wordpress/wp-includes/js/dist/vendor/react.min.js +share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.js +share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.min.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-element-closest.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-fetch.js @@ -1430,10 +1449,14 @@ share/ja-wordpress/wp-includes/js/dist/v share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-node-contains.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js +share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-url.js +share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill-url.min.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill.js share/ja-wordpress/wp-includes/js/dist/vendor/wp-polyfill.min.js share/ja-wordpress/wp-includes/js/dist/viewport.js share/ja-wordpress/wp-includes/js/dist/viewport.min.js +share/ja-wordpress/wp-includes/js/dist/warning.js +share/ja-wordpress/wp-includes/js/dist/warning.min.js share/ja-wordpress/wp-includes/js/dist/wordcount.js share/ja-wordpress/wp-includes/js/dist/wordcount.min.js share/ja-wordpress/wp-includes/js/heartbeat.js Index: pkgsrc/www/php-ja-wordpress/distinfo diff -u pkgsrc/www/php-ja-wordpress/distinfo:1.15 pkgsrc/www/php-ja-wordpress/distinfo:1.16 --- pkgsrc/www/php-ja-wordpress/distinfo:1.15 Mon Dec 16 16:52:40 2019 +++ pkgsrc/www/php-ja-wordpress/distinfo Sun Jun 21 16:42:55 2020 @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.15 2019/12/16 16:52:40 taca Exp $ +$NetBSD: distinfo,v 1.16 2020/06/21 16:42:55 taca Exp $ -SHA1 (wordpress-5.3.1-ja.tar.gz) = 8b42ef9ebadd8ab508aabb70087b19457f506919 -RMD160 (wordpress-5.3.1-ja.tar.gz) = 868cafb5998f60a8b50b42fb466bddde45a953f8 -SHA512 (wordpress-5.3.1-ja.tar.gz) = 12a8dfedce928a9222634f8e0f7a2133141d6587e75d95aac7ef2dbf68a68e19463a74becb807bd276ead25af4fd4e23d50d2e34af42463883b5c9d3d1becfe6 -Size (wordpress-5.3.1-ja.tar.gz) = 12478994 bytes +SHA1 (wordpress-5.4.2-ja.tar.gz) = b3a4654042ff18002898083586b47caccfd552bf +RMD160 (wordpress-5.4.2-ja.tar.gz) = 33aada6635b01a1d8924a06c26dbce5f596baa26 +SHA512 (wordpress-5.4.2-ja.tar.gz) = 03efabc270d806882f8186d8c0f6fc42f0fb1bb1009c0879ee57c3bab2117126014fa2e9bdbdc27521ba001072569e2746f618d8cc5cab6aa9eebe4f098ea329 +Size (wordpress-5.4.2-ja.tar.gz) = 12960483 bytes --_----------=_159275777674570--