rpms/wordpress/F-11 changeset_r11798.diff, NONE, 1.1 wordpress.spec, 1.31, 1.32
Adrian Reber
adrian at fedoraproject.org
Tue Aug 11 10:28:11 UTC 2009
Author: adrian
Update of /cvs/extras/rpms/wordpress/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv24548
Modified Files:
wordpress.spec
Added Files:
changeset_r11798.diff
Log Message:
* Tue Aug 11 2009 Adrian Reber <adrian at lisas.de> - 2.8.3-2
- another security update to fix "Remote admin reset password":
http://lists.grok.org.uk/pipermail/full-disclosure/2009-August/070137.html
changeset_r11798.diff:
wp-login.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE changeset_r11798.diff ---
Index: /branches/2.8/wp-login.php
===================================================================
--- /branches/2.8/wp-login.php (revision 11514)
+++ /branches/2.8/wp-login.php (revision 11798)
@@ -188,5 +188,5 @@
$key = preg_replace('/[^a-z0-9]/i', '', $key);
- if ( empty( $key ) )
+ if ( empty( $key ) || is_array( $key ) )
return new WP_Error('invalid_key', __('Invalid key'));
Index: wordpress.spec
===================================================================
RCS file: /cvs/extras/rpms/wordpress/F-11/wordpress.spec,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -p -r1.31 -r1.32
--- wordpress.spec 5 Aug 2009 07:45:37 -0000 1.31
+++ wordpress.spec 11 Aug 2009 10:28:10 -0000 1.32
@@ -3,7 +3,7 @@ URL: http://www.wordpress.org
Name: wordpress
Version: 2.8.3
Group: Applications/Publishing
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Source0: http://wordpress.org/%{name}-%{version}.tar.gz
Source1: wordpress-httpd-conf
@@ -11,6 +11,7 @@ Source2: README.fedora.wordpress
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: php >= 4.1.0, httpd, php-mysql
BuildArch: noarch
+Patch0: changeset_r11798.diff
%description
Wordpress is an online publishing / weblog package that makes it very easy,
@@ -18,6 +19,7 @@ almost trivial, to get information out t
%prep
%setup -q -n wordpress
+%patch0 -p3
# disable wp_version_check, updates are always installed via rpm
sed -i -e "s,\(.*\)'wp_version_check'\(.*\),#\1'wp_version_check'\2,g" \
wp-includes/update.php
@@ -77,6 +79,10 @@ rm -rf ${RPM_BUILD_ROOT}
%dir %{_sysconfdir}/wordpress
%changelog
+* Tue Aug 11 2009 Adrian Reber <adrian at lisas.de> - 2.8.3-2
+- another security update to fix "Remote admin reset password":
+ http://lists.grok.org.uk/pipermail/full-disclosure/2009-August/070137.html
+
* Mon Aug 03 2009 Adrian Reber <adrian at lisas.de> - 2.8.3-1
- updated to 2.8.3 for security fixes
More information about the fedora-extras-commits
mailing list