pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/php-ja-wordpress



Module Name:    pkgsrc
Committed By:   ryoon
Date:           Mon Sep 21 00:46:30 UTC 2015

Modified Files:
        pkgsrc/www/php-ja-wordpress: Makefile distinfo

Log Message:
Update to 4.3.1

Changelog:
WordPress 4.3.1 Security and Maintenance Release Posted
September 15, 2015 by Samuel Sidler. Filed under Releases, Security.

WordPress 4.3.1 is now available. This is a security release for
all previous versions and we strongly encourage you to update your
sites immediately.

This release addresses three issues, including two cross-site
scripting vulnerabilities and a potential privilege escalation.

    WordPress versions 4.3 and earlier are vulnerable to a cross-site
    scripting vulnerability when processing shortcode tags
    (CVE-2015-5714). Reported by Shahar Tal and Netanel Rubin of
    Check Point.  A separate cross-site scripting vulnerability
    was found in the user list table. Reported by Ben Bidner of
    the WordPress security team.  Finally, in certain cases, users
    without proper permissions could publish private posts and make
    them sticky (CVE-2015-5715). Reported by Shahar Tal and Netanel
    Rubin of Check Point.

Our thanks to those who have practiced responsible disclosure of
security issues.

WordPress 4.3.1 also fixes twenty-six bugs. For more information,
see the release notes or consult the list of changes.

Download WordPress 4.3.1 or venture over to Dashboard � Updates
and simply click �Update Now.� Sites that support automatic background
updates are already beginning to update to WordPress 4.3.1.

Thanks to everyone who contributed to 4.3.1:

Adam Silverstein, Andrea Fercia, Andrew Ozz, Boone Gorges, Brandon
Kraft, chriscct7, Daisuke Takahashi, Dion Hulse, Dominik Schilling,
Drew Jaynes, dustinbolton, Gary Pendergast, hauvong, James Huff,
Jeremy Felt, jobst, Marin Atanasov, Nick Halsey, nikeo, Nikolay
Bachiyski, Pascal Birchler, Paul Ryan, Peter Wilson, Robert Chapin,
Samuel Wood, Scott Taylor, Sergey Biryukov, tmatsuur, Tracy Levesque,
Umesh Nevase, vortfu, welcher, Weston Ruter


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/php-ja-wordpress/Makefile \
    pkgsrc/www/php-ja-wordpress/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index