Thu Feb 10 10:25:50 2011 UTC ()
Security update to 3.0.5. Changes:
* Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role.
* Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role.
* Fix potential information disclosure of posts through the media uploader. Affects users of the Author role.
* Enhancement: Force HTML filtering on comment text in the admin
* Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid.
* Update the license to GPLv2 (or later) and update copyright information for the KSES library.
(morr)
diff -r1.14 -r1.15 pkgsrc/www/wordpress/Makefile
diff -r1.10 -r1.11 pkgsrc/www/wordpress/distinfo
--- pkgsrc/www/wordpress/Makefile 2010/12/30 22:27:45 1.14
+++ pkgsrc/www/wordpress/Makefile 2011/02/10 10:25:50 1.15
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2010/12/30 22:27:45 morr Exp $
+# $NetBSD: Makefile,v 1.15 2011/02/10 10:25:50 morr Exp $
DISTNAME= wordpress-${VERSION}
-VERSION= 3.0.4
+VERSION= 3.0.5
CATEGORIES= www
MASTER_SITES= http://wordpress.org/
--- pkgsrc/www/wordpress/distinfo 2010/12/30 22:27:45 1.10
+++ pkgsrc/www/wordpress/distinfo 2011/02/10 10:25:50 1.11
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.10 2010/12/30 22:27:45 morr Exp $
+$NetBSD: distinfo,v 1.11 2011/02/10 10:25:50 morr Exp $
-SHA1 (wordpress-3.0.4.tar.gz) = b0c0500281078fb26e591231269a3baf04fc58c3
+SHA1 (wordpress-3.0.5.tar.gz) = 4145f315ee8e2fbfa58f605e95f005ae0713f283
-RMD160 (wordpress-3.0.4.tar.gz) = c0418e9622e95ecca4cc7e10c3f2ef7339de1bdf
+RMD160 (wordpress-3.0.5.tar.gz) = 4acc7492578232594715e64af2e0ccc6315297a9
-Size (wordpress-3.0.4.tar.gz) = 2699202 bytes
+Size (wordpress-3.0.5.tar.gz) = 2683820 bytes