summaryrefslogtreecommitdiff
path: root/cad/freehdl/distinfo
diff options
context:
space:
mode:
authormorr <morr@pkgsrc.org>2014-11-24 19:08:53 +0000
committermorr <morr@pkgsrc.org>2014-11-24 19:08:53 +0000
commit126ed5c631c0fde4b14112726e4e094dbda58427 (patch)
tree037dc58df74d1db3dec044c9603f59e35f0b43cb /cad/freehdl/distinfo
parent72cbb70b6d9ee23952ba1890e8073a429cdba681 (diff)
downloadpkgsrc-126ed5c631c0fde4b14112726e4e094dbda58427.tar.gz
Security update to 4.0.1.
Changes: - Three cross-site scripting issues that a contributor or author could use to compromise a site. - A cross-site request forgery that could be used to trick a user into changing their password. - An issue that could lead to a denial of service when passwords are checked. - Additional protections for server-side request forgery attacks when WordPress makes HTTP requests. - An extremely unlikely hash collision could allow a user’s account to be compromised, that also required that they haven’t logged in since 2008 (I wish I were kidding). - WordPress now invalidates the links in a password reset email if the user remembers their password, logs in, and changes their email address. More details on http://codex.wordpress.org/Version_4.0.1.
Diffstat (limited to 'cad/freehdl/distinfo')
0 files changed, 0 insertions, 0 deletions