[wordpress] update to 3.5.1 (security)
Remi Collet
remi at fedoraproject.org
Wed Jan 30 13:12:15 UTC 2013
commit 240dbed53becaab45cbf8deb43d459d6032907bd
Author: Remi Collet <remi at fedoraproject.org>
Date: Wed Jan 30 14:12:06 2013 +0100
update to 3.5.1 (security)
.gitignore | 1 +
sources | 2 +-
wordpress-httpd-conf | 7 +++++++
wordpress.spec | 21 ++++++++++++++++-----
4 files changed, 25 insertions(+), 6 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a7c0e8b..a3311bf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,3 +34,4 @@ wordpress-3.0.1.tar.gz
/wordpress-3.5-RC2.tar.gz
/wordpress-3.5-RC3.tar.gz
/wordpress-3.5.tar.gz
+/wordpress-3.5.1.tar.gz
diff --git a/sources b/sources
index 3744939..301c035 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-105b5baff67344528bb5d8b71c050b0d wordpress-3.5.tar.gz
+409889c98b13cbdbb9fd121df859ae3e wordpress-3.5.1.tar.gz
diff --git a/wordpress-httpd-conf b/wordpress-httpd-conf
index 76c708b..c4266b4 100644
--- a/wordpress-httpd-conf
+++ b/wordpress-httpd-conf
@@ -14,3 +14,10 @@ Alias /wordpress /usr/share/wordpress
Allow from ::1
</IfModule>
</Directory>
+
+<Directory /usr/share/wordpress/wp-content/plugins/akismet>
+ <FilesMatch "\.(php|txt)$">
+ Order Deny,Allow
+ Deny from all
+ </FilesMatch>
+</Directory>
diff --git a/wordpress.spec b/wordpress.spec
index aabc907..96de685 100644
--- a/wordpress.spec
+++ b/wordpress.spec
@@ -4,10 +4,10 @@
Summary: Blog tool and publishing platform
URL: http://www.wordpress.org
Name: wordpress
-Version: 3.5
+Version: 3.5.1
Group: Applications/Publishing
#Release: 0.5.%{betatag}%{?dist}
-Release: 3%{?dist}
+Release: 1%{?dist}
License: GPLv2
#Source0: http://wordpress.org/%{name}-%{version}-%{betatag}.tar.gz
Source0: http://wordpress.org/%{name}-%{version}.tar.gz
@@ -21,6 +21,8 @@ Patch0: wordpress-debian_patches_hello.patch
# This patch doesn’t work well, see bugzilla.redhat.com/522897
Patch1: wordpress-move-wp-content.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildArch: noarch
+
%if 0%{?rhel} == 5
Requires: php53 >= 5.2.4, php53-simplepie
%else
@@ -59,7 +61,6 @@ Requires: php-PHPMailer
Requires: webserver
Provides: wordpress-mu = %{version}-%{release}
Obsoletes: wordpress-mu < 2.9.3
-BuildArch: noarch
%description
Wordpress is an online publishing / weblog package that makes it very easy,
@@ -81,6 +82,9 @@ sed -i -e "s,\(.*\)'update_nag'\(.*\),#\1'update_nag'\2,g; \
# fix file encoding
sed -i -e 's/\r//' license.txt
+# Drop .htaccess (moved in wordpress-httpd-conf)
+rm wp-content/plugins/akismet/.htaccess
+
%build
%install
@@ -103,14 +107,14 @@ find ${RPM_BUILD_ROOT} -type f -empty -exec rm -vf {} \;
rm -f ${RPM_BUILD_ROOT}%{_datadir}/wordpress/{license.txt,readme.html}
# Remove bundled php-simplepie and link to system copy
-rm -f ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-simplepie.php
+rm ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-simplepie.php
rm -rf ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/SimplePie
ln -sf /usr/share/php/php-simplepie/autoloader.php \
${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-simplepie.php
# Remove bundled PHPMailer and link to system one
for fic in phpmailer smtp pop3; do
- rm -f ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-$fic.php
+ rm ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-$fic.php
ln -sf /usr/share/php/PHPMailer/class.$fic.php \
${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-$fic.php
done
@@ -160,6 +164,13 @@ rm -rf ${RPM_BUILD_ROOT}
%dir %{_sysconfdir}/wordpress
%changelog
+* Wed Jan 30 2013 Remi Collet <rcollet at redhat.com> - 3.5.1-1
+- version 3.5.1, various bug and security fixes:
+ CVE-2013-0235, CVE-2013-0236 and CVE-2013-0237
+- drop -f option from rm to break build if
+ upstream archive content change
+- protect akismet content (from upstream .htaccess)
+
* Mon Jan 2 2013 Remi Collet <rcollet at redhat.com> - 3.5-3
- fix links to system PHPMailer library
More information about the scm-commits
mailing list