From b19c90b9383f90d93e1a329d85a62046fbf87e48 Mon Sep 17 00:00:00 2001 From: morr Date: Sun, 23 Feb 2020 09:59:42 +0000 Subject: Update to version 5.3.2. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changes: Version 5.3.2: Maintenance updates - Date/Time: Ensure that get_feed_build_date() correctly handles a modified post object with invalid date. - Uploads: Fix file name collision in wp_unique_filename() when uploading a file with upper case extension on non case-sensitive file systems. - Media: Fix PHP warnings in wp_unique_filename() when the destination directory is unreadable. - Administration: Fix the colors in all color schemes for buttons with the .active class. - Tests/build tools: In wp_insert_post(), when checking the post date to set future or publish status, use a proper delta comparison. Version 5.3.1: Security fixes - Props to Daniel Bachhuber for finding an issue where an unprivileged user could make a post sticky via the REST API. - Props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where cross-site scripting (XSS) could be stored in well-crafted links. - Props to the WordPress.org Security Team for hardening wp_kses_bad_protocol() to ensure that it is aware of the named colon attribute. - Props to Nguyen The Duc for discovering a stored XSS vulnerability using block editor content. Maintenance updates - Administration: improvements to admin form controls height and alignment standardization (see related dev note), dashboard widget links accessibility and alternate color scheme readability issues (see related dev note). - Block editor: fix Edge scrolling issues and intermittent JavaScript issues. - Bundled themes: add customizer option to show/hide author bio, replace JS based smooth scroll with CSS (see related dev note) and fix Instagram embed CSS. - Date/time: improve non-GMT dates calculation, fix date format output in specific languages and make get_permalink() more resilient against PHP timezone changes. - Embeds: remove CollegeHumor oEmbed provider as the service doesn’t exist anymore. - External libraries: update sodium_compat. - Site health: allow the remind interval for the admin email verification to be filtered. - Uploads: avoid thumbnails overwriting other uploads when filename matches, and exclude PNG images from scaling after upload. - Users: ensure administration email verification uses the user’s locale instead of the site locale. --- www/wordpress/Makefile | 5 ++--- www/wordpress/PLIST | 10 +++++++++- www/wordpress/distinfo | 10 +++++----- 3 files changed, 16 insertions(+), 9 deletions(-) (limited to 'www') diff --git a/www/wordpress/Makefile b/www/wordpress/Makefile index 02aa527f39c..a0ffd67a940 100644 --- a/www/wordpress/Makefile +++ b/www/wordpress/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.90 2019/12/09 14:20:57 taca Exp $ +# $NetBSD: Makefile,v 1.91 2020/02/23 09:59:42 morr Exp $ DISTNAME= wordpress-${VERSION} -VERSION= 5.3 -PKGREVISION= 1 +VERSION= 5.3.2 CATEGORIES= www MASTER_SITES= https://wordpress.org/ diff --git a/www/wordpress/PLIST b/www/wordpress/PLIST index 35f886855b3..4edc94c3e76 100644 --- a/www/wordpress/PLIST +++ b/www/wordpress/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.41 2019/12/04 08:06:04 morr Exp $ +@comment $NetBSD: PLIST,v 1.42 2020/02/23 09:59:42 morr Exp $ share/doc/wordpress/license.txt share/doc/wordpress/readme.html share/examples/wordpress/wordpress.conf @@ -1453,6 +1453,7 @@ share/wordpress/wp-includes/js/heartbeat.js share/wordpress/wp-includes/js/heartbeat.min.js share/wordpress/wp-includes/js/hoverIntent.js share/wordpress/wp-includes/js/hoverIntent.min.js +share/wordpress/wp-includes/js/hoverintent-js.min.js share/wordpress/wp-includes/js/imagesloaded.min.js share/wordpress/wp-includes/js/imgareaselect/border-anim-h.gif share/wordpress/wp-includes/js/imgareaselect/border-anim-v.gif @@ -1792,6 +1793,7 @@ share/wordpress/wp-includes/sodium_compat/composer.json share/wordpress/wp-includes/sodium_compat/lib/constants.php share/wordpress/wp-includes/sodium_compat/lib/namespaced.php share/wordpress/wp-includes/sodium_compat/lib/php72compat.php +share/wordpress/wp-includes/sodium_compat/lib/php72compat_const.php share/wordpress/wp-includes/sodium_compat/lib/sodium_compat.php share/wordpress/wp-includes/sodium_compat/namespaced/Compat.php share/wordpress/wp-includes/sodium_compat/namespaced/Core/BLAKE2b.php @@ -1821,6 +1823,9 @@ share/wordpress/wp-includes/sodium_compat/namespaced/Crypto.php share/wordpress/wp-includes/sodium_compat/namespaced/File.php share/wordpress/wp-includes/sodium_compat/src/Compat.php share/wordpress/wp-includes/sodium_compat/src/Core/BLAKE2b.php +share/wordpress/wp-includes/sodium_compat/src/Core/Base64/Common.php +share/wordpress/wp-includes/sodium_compat/src/Core/Base64/Original.php +share/wordpress/wp-includes/sodium_compat/src/Core/Base64/UrlSafe.php share/wordpress/wp-includes/sodium_compat/src/Core/ChaCha20.php share/wordpress/wp-includes/sodium_compat/src/Core/ChaCha20/Ctx.php share/wordpress/wp-includes/sodium_compat/src/Core/ChaCha20/IetfCtx.php @@ -1839,6 +1844,7 @@ share/wordpress/wp-includes/sodium_compat/src/Core/HSalsa20.php share/wordpress/wp-includes/sodium_compat/src/Core/Poly1305.php share/wordpress/wp-includes/sodium_compat/src/Core/Poly1305/State.php share/wordpress/wp-includes/sodium_compat/src/Core/Salsa20.php +share/wordpress/wp-includes/sodium_compat/src/Core/SecretStream/State.php share/wordpress/wp-includes/sodium_compat/src/Core/SipHash.php share/wordpress/wp-includes/sodium_compat/src/Core/Util.php share/wordpress/wp-includes/sodium_compat/src/Core/X25519.php @@ -1865,6 +1871,7 @@ share/wordpress/wp-includes/sodium_compat/src/Core32/Int64.php share/wordpress/wp-includes/sodium_compat/src/Core32/Poly1305.php share/wordpress/wp-includes/sodium_compat/src/Core32/Poly1305/State.php share/wordpress/wp-includes/sodium_compat/src/Core32/Salsa20.php +share/wordpress/wp-includes/sodium_compat/src/Core32/SecretStream/State.php share/wordpress/wp-includes/sodium_compat/src/Core32/SipHash.php share/wordpress/wp-includes/sodium_compat/src/Core32/Util.php share/wordpress/wp-includes/sodium_compat/src/Core32/X25519.php @@ -1873,6 +1880,7 @@ share/wordpress/wp-includes/sodium_compat/src/Core32/XSalsa20.php share/wordpress/wp-includes/sodium_compat/src/Crypto.php share/wordpress/wp-includes/sodium_compat/src/Crypto32.php share/wordpress/wp-includes/sodium_compat/src/File.php +share/wordpress/wp-includes/sodium_compat/src/PHP52/SplFixedArray.php share/wordpress/wp-includes/sodium_compat/src/SodiumException.php share/wordpress/wp-includes/spl-autoload-compat.php share/wordpress/wp-includes/taxonomy.php diff --git a/www/wordpress/distinfo b/www/wordpress/distinfo index 2e13f9b5d9f..a1f9c0ee20f 100644 --- a/www/wordpress/distinfo +++ b/www/wordpress/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.72 2019/12/04 08:06:04 morr Exp $ +$NetBSD: distinfo,v 1.73 2020/02/23 09:59:42 morr Exp $ -SHA1 (wordpress-5.3.tar.gz) = e3edcb1131e539c2b2e10fed37f8b6683c824a98 -RMD160 (wordpress-5.3.tar.gz) = 9e52f5dfb0315d845f261d9ad5d14cf32f634e31 -SHA512 (wordpress-5.3.tar.gz) = 90a0df8a2b965c06ac10ba0dd3521b98bbd6040780bd2ccfa14a445bd2cbdb1311277563dd30f5cdc918a4177ec7c49e89260d95309fb08e271173f242fcfc07 -Size (wordpress-5.3.tar.gz) = 12372564 bytes +SHA1 (wordpress-5.3.2.tar.gz) = fded476f112dbab14e3b5acddd2bcfa550e7b01b +RMD160 (wordpress-5.3.2.tar.gz) = 4385dac6def9eeeb6fccdcc2b247ace9fc354b64 +SHA512 (wordpress-5.3.2.tar.gz) = d766d485d9a6a6efb2b92ffaec2ba1f773e55a6e018759bb6b196469b73db2857c34a3dfca1ac406e2b7066072a35c070c99f24b285a47b050e3d21317785198 +Size (wordpress-5.3.2.tar.gz) = 12389281 bytes -- cgit v1.2.3