Critical security update. ChangeLog: * Fix XSS vulnerabilities in the KSES library: Don't be case sensitive to attribute names. Handle padded entities when checking for bad protocols. Normalize entities before checking for bad protocols in esc_url().diff -r1.13 -r1.14 pkgsrc/www/wordpress/Makefile
(morr)
@@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
1 | # $NetBSD: Makefile,v 1.13 2010/12/10 23:34:17 morr Exp $ | 1 | # $NetBSD: Makefile,v 1.14 2010/12/30 22:27:45 morr Exp $ | |
2 | 2 | |||
3 | DISTNAME= wordpress-${VERSION} | 3 | DISTNAME= wordpress-${VERSION} | |
4 | VERSION= 3.0.3 | 4 | VERSION= 3.0.4 | |
5 | CATEGORIES= www | 5 | CATEGORIES= www | |
6 | MASTER_SITES= http://wordpress.org/ | 6 | MASTER_SITES= http://wordpress.org/ | |
7 | 7 | |||
8 | MAINTAINER= morr@NetBSD.org | 8 | MAINTAINER= morr@NetBSD.org | |
9 | HOMEPAGE= http://wordpress.org/ | 9 | HOMEPAGE= http://wordpress.org/ | |
10 | COMMENT= Blogging tool written in php | 10 | COMMENT= Blogging tool written in php | |
11 | LICENSE= gnu-gpl-v2 | 11 | LICENSE= gnu-gpl-v2 | |
12 | 12 | |||
13 | PKG_DESTDIR_SUPPORT= user-destdir | 13 | PKG_DESTDIR_SUPPORT= user-destdir | |
14 | 14 | |||
15 | USE_TOOLS+= pax | 15 | USE_TOOLS+= pax | |
16 | 16 | |||
17 | .include "../../mk/bsd.prefs.mk" | 17 | .include "../../mk/bsd.prefs.mk" |
@@ -1,5 +1,5 @@ | @@ -1,5 +1,5 @@ | |||
1 | $NetBSD: distinfo,v 1.9 2010/12/10 23:34:18 morr Exp $ | 1 | $NetBSD: distinfo,v 1.10 2010/12/30 22:27:45 morr Exp $ | |
2 | 2 | |||
3 | SHA1 (wordpress-3.0.3.tar.gz) = 888c2f32fa18dfd5f02291cd8f33c67c3c9cc367 | 3 | SHA1 (wordpress-3.0.4.tar.gz) = b0c0500281078fb26e591231269a3baf04fc58c3 | |
4 | RMD160 (wordpress-3.0.3.tar.gz) = f8273b8cdafe9265f666abfae6309f9ed4590e0a | 4 | RMD160 (wordpress-3.0.4.tar.gz) = c0418e9622e95ecca4cc7e10c3f2ef7339de1bdf | |
5 | Size (wordpress-3.0.3.tar.gz) = 2689163 bytes | 5 | Size (wordpress-3.0.4.tar.gz) = 2699202 bytes |