diff options
| author |   Elfyn McBratney <beu@gentoo.org> | 2005-04-20 17:55:58 +0000 |
|---|---|---|
| committer | Elfyn McBratney <beu@gentoo.org> | 2005-04-20 17:55:58 +0000 |
| commit | c6109548a3f26514b1ea0d911c8d05d262fdbd00 (patch) | |
| tree | 1092563d16f01a89d56bc6fff0f20e722dd848a7 /www-apps/wordpress | |
| parent | fixed patch (diff) | |
| download | gentoo-2-c6109548a3f26514b1ea0d911c8d05d262fdbd00.tar.gz gentoo-2-c6109548a3f26514b1ea0d911c8d05d262fdbd00.tar.bz2 gentoo-2-c6109548a3f26514b1ea0d911c8d05d262fdbd00.zip | |
Version bump, fixes security bug #88926.
(Portage version: 2.0.51.19)
Diffstat (limited to 'www-apps/wordpress')
| -rw-r--r-- | www-apps/wordpress/ChangeLog | 8 | ||||
| -rw-r--r-- | www-apps/wordpress/Manifest | 17 | ||||
| -rw-r--r-- | www-apps/wordpress/files/digest-wordpress-1.5 | 1 | ||||
| -rw-r--r-- | www-apps/wordpress/files/dummy-templates.php | 7 | ||||
| -rw-r--r-- | www-apps/wordpress/wordpress-1.5.ebuild | 77 |
5 files changed, 97 insertions, 13 deletions
diff --git a/www-apps/wordpress/ChangeLog b/www-apps/wordpress/ChangeLog index c54c6c5d3ffb..77bfaac2d13f 100644 --- a/www-apps/wordpress/ChangeLog +++ b/www-apps/wordpress/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for www-apps/wordpress # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/wordpress/ChangeLog,v 1.10 2005/03/02 11:36:59 ka0ttic Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apps/wordpress/ChangeLog,v 1.11 2005/04/20 17:55:58 beu Exp $ + +*wordpress-1.5 (20 Apr 2005) + + 20 Apr 2005; Elfyn McBratney <beu@gentoo.org> +files/dummy-templates.php, + +wordpress-1.5.ebuild: + Version bump, fixes security bug #88926. Stable on x86. 02 Mar 2005; Aaron Walker <ka0ttic@gentoo.org> -files/wordpress-1.0.2.gentoo.diff, -files/1.2/login-patch.diff, diff --git a/www-apps/wordpress/Manifest b/www-apps/wordpress/Manifest index 4ac90e3240b1..e97262421a35 100644 --- a/www-apps/wordpress/Manifest +++ b/www-apps/wordpress/Manifest @@ -1,14 +1,7 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 0ac25997252ba5fa240be54c00823002 wordpress-1.2.2.ebuild 2093 -MD5 7fe8d91aa71903b7e5f7a54b0b3ae4e9 ChangeLog 3504 MD5 4defd726d2b03decc5b7ff21b0aac1a3 metadata.xml 225 +MD5 7fe8d91aa71903b7e5f7a54b0b3ae4e9 ChangeLog 3504 +MD5 0ac25997252ba5fa240be54c00823002 wordpress-1.2.2.ebuild 2093 +MD5 1eaf141aac1129ac021022a906af6cdb wordpress-1.5.ebuild 2247 +MD5 f816ff62dcd7cadf0fae9384ab9618e5 files/dummy-templates.php 269 MD5 623542b78674abcdc33bb18a783739c8 files/digest-wordpress-1.2.2 64 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.0 (GNU/Linux) - -iD8DBQFCJaVnEZCkKN40op4RAl5RAJ4tB2ZMRbPZOK5Xu21kPg6Z30PYXQCeMV6u -EGMuUpbPR3+ofoRrseO0Q9E= -=Oxyw ------END PGP SIGNATURE----- +MD5 6befd2f0d4bc6d48d2ff1e81df578d4f files/digest-wordpress-1.5 62 diff --git a/www-apps/wordpress/files/digest-wordpress-1.5 b/www-apps/wordpress/files/digest-wordpress-1.5 new file mode 100644 index 000000000000..cd0e0d288dfa --- /dev/null +++ b/www-apps/wordpress/files/digest-wordpress-1.5 @@ -0,0 +1 @@ +MD5 df6dc18a7a0d93fa6bb187eb48b41612 latest-1.5.tar.gz 280251 diff --git a/www-apps/wordpress/files/dummy-templates.php b/www-apps/wordpress/files/dummy-templates.php new file mode 100644 index 000000000000..c40c287c6784 --- /dev/null +++ b/www-apps/wordpress/files/dummy-templates.php @@ -0,0 +1,7 @@ +<?php + +die("The wp-admin/templates.php file has been removed due to XSS vulnerabilites that have not \n". + "yet been fixed upstream. For more information, see \n". + "<a href=\"http://bugs.gentoo.org/show_bug.cgi?id=88926\">bug 88926</a> at Gentoo's bugzilla."); + +?> diff --git a/www-apps/wordpress/wordpress-1.5.ebuild b/www-apps/wordpress/wordpress-1.5.ebuild new file mode 100644 index 000000000000..928e1d766835 --- /dev/null +++ b/www-apps/wordpress/wordpress-1.5.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-apps/wordpress/wordpress-1.5.ebuild,v 1.1 2005/04/20 17:55:58 beu Exp $ + +inherit webapp eutils + +#Wordpress releases have a release name tagged on the end of the version on the tar.gz files +#wordpress 1.2.1 has no extension +#MY_EXT="mingus" + +DESCRIPTION="Wordpress php and mysql based CMS system." +HOMEPAGE="http://wordpress.org/" +#Latest version is only available in the format! +#Download is renamed by HTTP Header as wordpress-1.2.2.tar.gz +SRC_URI="http://wordpress.org/latest-1.5.tar.gz" +LICENSE="GPL-2" +KEYWORDS="x86 ~ppc ~sparc" +IUSE="" +RDEPEND=">=dev-php/mod_php-4.1 + >=dev-db/mysql-3.23.23" + +DEPEND="${DEPEND} ${RDEPEND} >=net-www/webapp-config-1.10-r5" + +S="${WORKDIR}/${PN}" + +src_unpack() { + unpack ${A} +# no patch needed anymore +# epatch ${FILESDIR}/${PV}/login-patch.diff +} + +src_install() { + local docs="license.txt readme.html" + + webapp_src_preinst + + # remove wp-admin/templates.php (XSS exploit). See bug #88926. + rm -f wp-admin/templates.php + cp ${FILESDIR}/dummy-templates.php wp-admin/templates.php + + einfo "Installing main files" + cp -r * ${D}${MY_HTDOCSDIR} + einfo "Done" + + # handle documentation files + # + # NOTE that doc files go into /usr/share/doc as normal; they do NOT + # get installed per vhost! + + dodoc ${docs} + for doc in ${docs} INSTALL; do + rm -f ${doc} + done + + # Identify the configuration files that this app uses + # User can want to make changes to these! + webapp_serverowned ${MY_HTDOCSDIR}/index.php + #webapp_serverowned ${MY_HTDOCSDIR}/wp-layout.css + webapp_serverowned ${MY_HTDOCSDIR}/wp-admin/menu.php + webapp_serverowned ${MY_HTDOCSDIR} + + # Identify any script files that need #! headers adding to run under + # a CGI script (such as PHP/CGI) + # + # for wordpress, we *assume* that all .php files need to have CGI/BIN + # support added + + for x in `find . -name '*.php' -print ` ; do + webapp_runbycgibin php ${MY_HTDOCSDIR}/$x + done + + # post-install instructions + #webapp_postinst_txt en ${FILESDIR}/1.2/postinstall-en.txt + + # now strut stuff + webapp_src_install +} |