pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/wordpress



Module Name:    pkgsrc
Committed By:   morr
Date:           Wed Apr 25 13:00:37 UTC 2012

Modified Files:
        pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Security update to Wordpress 3.3.2.

Three external libraries included in WordPress received security updates:

* Plupload (version 1.5.4), which WordPress uses for uploading media.
* SWFUpload, which WordPress previously used for uploading media, and may still 
be in use by plugins.
* SWFObject, which WordPress previously used to embed Flash content, and may 
still be in use by plugins and themes.

WordPress 3.3.2 also addresses:

* Limited privilege escalation where a site administrator could deactivate 
network-wide plugins when running a WordPress network under particular 
circumstances.
* Cross-site scripting vulnerability when making URLs clickable.
* Cross-site scripting vulnerabilities in redirects after posting comments in 
older browsers, and when filtering URLs.


To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/wordpress/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index