Thu Feb 10 10:25:50 2011 UTC ()
Security update to 3.0.5. Changes:

* Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role.
* Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role.
* Fix potential information disclosure of posts through the media uploader. Affects users of the Author role.
* Enhancement: Force HTML filtering on comment text in the admin
* Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid.
* Update the license to GPLv2 (or later) and update copyright information for the KSES library.


(morr)
diff -r1.14 -r1.15 pkgsrc/www/wordpress/Makefile
diff -r1.10 -r1.11 pkgsrc/www/wordpress/distinfo
cvs diff -r1.14 -r1.15 pkgsrc/www/wordpress/Makefile (expand / switch to unified diff)

--- pkgsrc/www/wordpress/Makefile 2010/12/30 22:27:45 1.14
+++ pkgsrc/www/wordpress/Makefile 2011/02/10 10:25:50 1.15
@@ -1,17 +1,17 @@ @@ -1,17 +1,17 @@
1# $NetBSD: Makefile,v 1.14 2010/12/30 22:27:45 morr Exp $ 1# $NetBSD: Makefile,v 1.15 2011/02/10 10:25:50 morr Exp $
2 2
3DISTNAME= wordpress-${VERSION} 3DISTNAME= wordpress-${VERSION}
4VERSION= 3.0.4 4VERSION= 3.0.5
5CATEGORIES= www 5CATEGORIES= www
6MASTER_SITES= http://wordpress.org/ 6MASTER_SITES= http://wordpress.org/
7 7
8MAINTAINER= morr@NetBSD.org 8MAINTAINER= morr@NetBSD.org
9HOMEPAGE= http://wordpress.org/ 9HOMEPAGE= http://wordpress.org/
10COMMENT= Blogging tool written in php 10COMMENT= Blogging tool written in php
11LICENSE= gnu-gpl-v2 11LICENSE= gnu-gpl-v2
12 12
13PKG_DESTDIR_SUPPORT= user-destdir 13PKG_DESTDIR_SUPPORT= user-destdir
14 14
15USE_TOOLS+= pax 15USE_TOOLS+= pax
16 16
17.include "../../mk/bsd.prefs.mk" 17.include "../../mk/bsd.prefs.mk"
cvs diff -r1.10 -r1.11 pkgsrc/www/wordpress/distinfo (expand / switch to unified diff)

--- pkgsrc/www/wordpress/distinfo 2010/12/30 22:27:45 1.10
+++ pkgsrc/www/wordpress/distinfo 2011/02/10 10:25:50 1.11
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.10 2010/12/30 22:27:45 morr Exp $ 1$NetBSD: distinfo,v 1.11 2011/02/10 10:25:50 morr Exp $
2 2
3SHA1 (wordpress-3.0.4.tar.gz) = b0c0500281078fb26e591231269a3baf04fc58c3 3SHA1 (wordpress-3.0.5.tar.gz) = 4145f315ee8e2fbfa58f605e95f005ae0713f283
4RMD160 (wordpress-3.0.4.tar.gz) = c0418e9622e95ecca4cc7e10c3f2ef7339de1bdf 4RMD160 (wordpress-3.0.5.tar.gz) = 4acc7492578232594715e64af2e0ccc6315297a9
5Size (wordpress-3.0.4.tar.gz) = 2699202 bytes 5Size (wordpress-3.0.5.tar.gz) = 2683820 bytes