diff options
| author | morr <morr> | 2013-01-27 07:51:37 +0000 |
|---|---|---|
| committer | morr <morr> | 2013-01-27 07:51:37 +0000 |
| commit | 4b782d4d1f4a7592551121bbd22818aa6fd891c7 (patch) | |
| tree | 95fba0f90f06c58827c843b20c59d722b4dec663 /converters/yencode/DESCR | |
| parent | 929c46a9de2da2e03326f837c857055465e87d93 (diff) | |
| download | pkgsrc-4b782d4d1f4a7592551121bbd22818aa6fd891c7.tar.gz | |
This maintenance release addresses 37 bugs with version 3.5, including:
* Editor: Prevent certain HTML elements from being unexpectedly removed or
modified in rare cases.
* Media: Fix a collection of minor workflow and compatibility issues in the new
media manager.
* Networks: Suggest proper rewrite rules when creating a new network.
* Prevent scheduled posts from being stripped of certain HTML, such as video
embeds, when they are published.
* Work around some misconfigurations that may have caused some JavaScript in
the WordPress admin area to fail.
* Suppress some warnings that could occur when a plugin misused the database or
user APIs.
Additionally: Version 3.5.1 fixes a few security issues:
* Server-side request forgery (SSRF) and remote port scanning via pingbacks.
Fixed by the WordPress security team.
* Cross-site scripting (XSS) via shortcodes and post content. Discovered by Jon
Cave of the WordPress security team.
* Cross-site scripting (XSS) in the external library Plupload. Plupload 1.5.5
was released to address this issue.
Diffstat (limited to 'converters/yencode/DESCR')
0 files changed, 0 insertions, 0 deletions