From 73847310f2ede13250ff2e944649713994150b4e Mon Sep 17 00:00:00 2001 From: Adrian Reber Date: Oct 30 2007 09:08:02 +0000 Subject: - updated to 2.3.1 (bz 357731, wordpress XSS issue) --- diff --git a/.cvsignore b/.cvsignore index ba1cbea..f06ed21 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1 @@ -wordpress-2.2.2.tar.gz -wordpress-2.2.3.tar.gz +wordpress-2.3.1.tar.gz diff --git a/sources b/sources index 667782e..c4103cb 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -a87666c6fe6cb4db94e2ae0531e5b633 wordpress-2.2.2.tar.gz -98c1e611f8533d4fe4e8f995b8d83110 wordpress-2.2.3.tar.gz +bd53264cbe80e470c5a9bc2cf7aa85e4 wordpress-2.3.1.tar.gz diff --git a/wordpress.spec b/wordpress.spec index 09221a1..549c614 100644 --- a/wordpress.spec +++ b/wordpress.spec @@ -1,18 +1,15 @@ Summary: WordPress blogging software URL: http://www.wordpress.org Name: wordpress -Version: 2.2.3 +Version: 2.3.1 Group: Applications/Publishing -Release: 0%{?dist} +Release: 1%{?dist} License: GPLv2 -# Source0 with name-version does not work for web retrieval, -# latest.tar.gz does not work for build -# Source0: http://wordpress.org/latest.tar.gz Source0: http://wordpress.org/%{name}-%{version}.tar.gz Source1: wordpress-httpd-conf Source2: README.fedora.wordpress BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Requires: php >= 4.2.0, httpd, php-mysql +Requires: php >= 4.1.0, httpd, php-mysql BuildArch: noarch %description @@ -21,6 +18,8 @@ almost trivial, to get information out to people on the web. %prep %setup -q -n wordpress +# disable-wordpress-core-update, updates are always installed via rpm +sed -i -e "s,add_action,#add_action,g" wp-includes/update.php %install mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/wordpress @@ -50,8 +49,8 @@ rm -rf ${RPM_BUILD_ROOT} %doc license.txt %doc readme.html %doc README.fedora -%{_datadir}/wordpress/wp-app.php %{_datadir}/wordpress/wp-atom.php +%{_datadir}/wordpress/wp-app.php %{_datadir}/wordpress/wp-blog-header.php %{_datadir}/wordpress/wp-comments-post.php %{_datadir}/wordpress/wp-commentsrss2.php @@ -74,6 +73,13 @@ rm -rf ${RPM_BUILD_ROOT} %dir %{_sysconfdir}/wordpress %changelog +* Tue Oct 30 2007 Adrian Reber - 2.3.1-1 +- updated to 2.3.1 (bz 357731, wordpress XSS issue) + +* Mon Oct 15 2007 Adrian Reber - 2.3-1 +- updated to 2.3 +- disabled wordpress-core-update + * Tue Sep 11 2007 Adrian Reber - 2.2.3-0 - updated to 2.2.3 (security release) @@ -81,10 +87,7 @@ rm -rf ${RPM_BUILD_ROOT} - update to upstream 2.2.2 - license tag update -* Wed Jul 4 2007 John Berninger - 2.2.1-1 -- update to upstream 2.2.1 to fix various vulnerabilities - -* Mon Apr 16 2007 John Berninger - 2.1.3-1 +* Mon Apr 16 2007 john Berninger - 2.1.3-1 - update to 2.1.3 final - bz235912 * Mon Mar 26 2007 John Berninger - 2.1.3-rc2 @@ -94,22 +97,16 @@ rm -rf ${RPM_BUILD_ROOT} - update to 2.1.2 - backdoor exploit introduced upstream in 2.1.1 - bz 230825 * Tue Feb 27 2007 John Berninger - 2.1.1-0 -- update to 2.1.1 for vuln fix - bz 229991 +- update to 2.1.1 to fix vuln in bz 229991 * Wed Jan 31 2007 John Berninger - 2.1-0 -- update to v 2.1 to fix multiple bz/vuln's - -* Wed Dec 27 2006 John Berninger - 2.0.5-1 -- ver 2.0.5 to fix bz 220818 - -* Sun Dec 3 2006 John Berninger - 2.0.4-4 -- Remove mysql-server dependency for real this time. +- update to v2.1 to fix multiple bz/vuln's -* Sun Dec 3 2006 John Berninger - 2.0.4-3 +* Sun Dec 3 2006 John Berninger - 2.0.5-2 - Remove mysql-server dependency -* Sun Dec 3 2006 John Berninger - 2.0.4-2 -- Fix wp-db-backup.php vuln in BZ 213985 +* Sun Dec 3 2006 John Berninger - 2.0.5-1 +- Update to upstream 2.0.5 to fix vuln in bz 213985 * Thu Oct 26 2006 John Berninger - 2.0.4-1 - Doc fix for BZ 207822 @@ -126,7 +123,7 @@ rm -rf ${RPM_BUILD_ROOT} * Tue Jun 20 2006 John Berninger - 2.0.3-2 - Remove use of installprefix macro -- %{_datadir}/wordpress/wp-config.php is not a config file +- %%{_datadir}/wordpress/wp-config.php is not a config file - Symlink is relative * Mon Jun 19 2006 John Berninger - 2.0.3-1