diff options
| author | morr <morr> | 2015-08-02 21:51:24 +0000 |
|---|---|---|
| committer | morr <morr> | 2015-08-02 21:51:24 +0000 |
| commit | 4c82f0a8bc9fc497cd4d09fec1d3d71e4b25b7c4 (patch) | |
| tree | 01cfa0a96e76a91a385d78d0a59dc398e1106f2a /www | |
| parent | 43487899184d401a1f114f7782ae32cefa8f151e (diff) | |
| download | pkgsrc-4c82f0a8bc9fc497cd4d09fec1d3d71e4b25b7c4.tar.gz | |
Security update to version 4.2.3.
Changes:
WordPress 4.2.3 fixes a cross-site scripting vulnerability, which could allow
users with the Contributor or Author role to compromise a site.
The release also fixes an issue where it was possible for a user with
Subscriber permissions to create a draft through Quick Draft.
In addition to the security fixes, WordPress 4.2.3 contains fixes for
21 bugs from 4.2.2, including:
* FIX - Upgrades: If a table has already been converted to utf8mb4,
there's no need to try and convert it again.
* FIX - Remove a redundant index drop.
* FIX - Don't upgrade global tables to utf8mb4 when
DO_NOT_UPGRADE_GLOBAL_TABLES is defined.
* FIX - Enable utf8mb4 for MySQL extension users.
* FIX - Plugin update rely upon wp_update_plugins() to check the
contents of the transient and return early if no request needs to
be made.
* FIX - WPDB: When extracting the table name from a query, there is a
1000 character limit on the SQL string that would be searched.
* FIX - WPDB: When checking that text isn't too long to insert into a
column, LONGTEXT columns could fail, as their length is longer than
PHP_INT_MAX.
* FIX - Plugin update handles the case where the plugin is installed
into a different directory than it previously existed in.
* FIX - Plugin update feature doesn't recognize errors
* FIX - Plugin update error messages lack detail
* FIX - Multiple plugin updates: Even if one of plugins update fails,
allow further updates to continue.
* FIX - In comment_form(), ensure that filtered arguments contain all
required default values.
* FIX - WPDB: Remove some of the complexities in
::strip_invalid_text() associated with switching character sets
between queries.
* FIX - WPDB: ::strip_text_from_query() doesn't pass a length to
::strip_invalid_text(), which was causing queries to fail when they
contained characters that needed to be sanity checked by MySQL.
* FIX - Emoji script is producing errors on pages with SVG content
* FIX - Unable to drag widgets down page past certain length.
* FIX - TinyMCE: wpView: fix typo in createInstance that prevented
instances from being reused.
* FIX - SCRIPT_DEBUG check in print_emoji_detection_script()
generated PHP Notices.
* FIX - If the shortcode content contains HTML code, the TinyMCE View
no longer works.
* FIX - Better handling when the credential form is long (such as
when SSH is active).
* FIX - sanitize_option didn't handle a WP_Error Object.
Diffstat (limited to 'www')
| -rw-r--r-- | www/wordpress/Makefile | 4 | ||||
| -rw-r--r-- | www/wordpress/distinfo | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/www/wordpress/Makefile b/www/wordpress/Makefile index c7b0409c8d9..35dbf491778 100644 --- a/www/wordpress/Makefile +++ b/www/wordpress/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.47 2015/05/11 05:16:31 morr Exp $ +# $NetBSD: Makefile,v 1.48 2015/08/02 21:51:24 morr Exp $ DISTNAME= wordpress-${VERSION} -VERSION= 4.2.2 +VERSION= 4.2.3 CATEGORIES= www MASTER_SITES= http://wordpress.org/ diff --git a/www/wordpress/distinfo b/www/wordpress/distinfo index fbbdf259616..8ca312b5c34 100644 --- a/www/wordpress/distinfo +++ b/www/wordpress/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.39 2015/05/11 05:16:31 morr Exp $ +$NetBSD: distinfo,v 1.40 2015/08/02 21:51:24 morr Exp $ -SHA1 (wordpress-4.2.2.tar.gz) = d3a70d0f116e6afea5b850f793a81a97d2115039 -RMD160 (wordpress-4.2.2.tar.gz) = 74037a085ec23d815564e22f4990794137a58bec -Size (wordpress-4.2.2.tar.gz) = 6307937 bytes +SHA1 (wordpress-4.2.3.tar.gz) = 5a77cc0d0399c4e058d1f1e4a628b951f523042e +RMD160 (wordpress-4.2.3.tar.gz) = f35fad3e59f268930e242dbd6f160501ffd9c914 +Size (wordpress-4.2.3.tar.gz) = 6313518 bytes |