[wordpress/el5] update to 3.5.1 (security)

Remi Collet remi at fedoraproject.org
Wed Jan 30 16:07:56 UTC 2013


commit b8bae8f7e70e2b360bdff8cea0929aeb40288647
Author: Remi Collet <remi at fedoraproject.org>
Date:   Wed Jan 30 17:07:48 2013 +0100

    update to 3.5.1 (security)

 .gitignore           |    1 +
 sources              |    2 +-
 wordpress-httpd-conf |   18 ++++++++++++++++++
 wordpress.spec       |   26 ++++++++++++++++++++++----
 4 files changed, 42 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 4f114c6..067df72 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 /wordpress-3.5.tar.gz
+/wordpress-3.5.1.tar.gz
diff --git a/sources b/sources
index 3744939..301c035 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-105b5baff67344528bb5d8b71c050b0d  wordpress-3.5.tar.gz
+409889c98b13cbdbb9fd121df859ae3e  wordpress-3.5.1.tar.gz
diff --git a/wordpress-httpd-conf b/wordpress-httpd-conf
index 5552c00..c4266b4 100644
--- a/wordpress-httpd-conf
+++ b/wordpress-httpd-conf
@@ -2,4 +2,22 @@ Alias /wordpress /usr/share/wordpress
 
 <Directory /usr/share/wordpress>
   AllowOverride Options
+  <IfModule mod_authz_core.c>
+    # Apache 2.4
+    Require local
+  </IfModule>
+  <IfModule !mod_authz_core.c>
+    # Apache 2.2
+    Order Deny,Allow
+    Deny from All
+    Allow from 127.0.0.1
+    Allow from ::1
+ </IfModule>
+</Directory>
+
+<Directory /usr/share/wordpress/wp-content/plugins/akismet>
+  <FilesMatch "\.(php|txt)$">
+    Order Deny,Allow
+    Deny from all
+  </FilesMatch>
 </Directory>
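Review bot: The added akismet `<FilesMatch>` block uses only the Apache 2.2 `Order`/`Deny` directives with no `<IfModule>` guard, although the `/usr/share/wordpress` block just above it in the same hunk handles 2.2 and 2.4 separately. On a 2.4 server without mod_access_compat loaded, these directives are unknown and httpd will reject the configuration; with it loaded they still work. Giving this block the same two-branch form, with `Require all denied` in the mod_authz_core branch, keeps the plugin's .php and .txt files blocked on both versions.

```apache
  <FilesMatch "\.(php|txt)$">
    <IfModule mod_authz_core.c>
      # Apache 2.4
      Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
      # Apache 2.2
      # … unchanged: Order Deny,Allow / Deny from all …
    </IfModule>
  </FilesMatch>
```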
diff --git a/wordpress.spec b/wordpress.spec
index 5750940..0e8629a 100644
--- a/wordpress.spec
+++ b/wordpress.spec
@@ -4,7 +4,7 @@
 Summary: Blog tool and publishing platform
 URL: http://www.wordpress.org
 Name: wordpress
-Version: 3.5
+Version: 3.5.1
 Group: Applications/Publishing
 #Release: 0.5.%{betatag}%{?dist}
 Release: 1%{?dist}
@@ -21,6 +21,8 @@ Patch0: wordpress-debian_patches_hello.patch
 # This patch doesn’t work well, see bugzilla.redhat.com/522897
 Patch1: wordpress-move-wp-content.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildArch: noarch
+
 %if 0%{?rhel} == 5
 Requires: php53 >= 5.2.4, php53-simplepie
 %else
@@ -58,7 +60,6 @@ Requires: php-PHPMailer
 Requires: webserver
 Provides: wordpress-mu = %{version}-%{release}
 Obsoletes: wordpress-mu < 2.9.3
-BuildArch: noarch
 
 %description
 Wordpress is an online publishing / weblog package that makes it very easy,
@@ -80,6 +81,9 @@ sed -i -e "s,\(.*\)'update_nag'\(.*\),#\1'update_nag'\2,g; \
 # fix file encoding
 sed -i -e 's/\r//' license.txt
 
+# Drop .htaccess (moved in wordpress-httpd-conf)
+rm wp-content/plugins/akismet/.htaccess
+
 %build
 
 %install
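Review bot: The `rm wp-content/plugins/akismet/.htaccess` step only detects that upstream stopped shipping the file, not that its rules changed, so the copy of those rules in wordpress-httpd-conf can silently fall behind a later upstream tarball. The comment should say so explicitly, for example `# Drop .htaccess (rules copied to wordpress-httpd-conf; re-compare them on every version bump)`. A stricter variant would compare the file against a known copy in %prep before removing it, though whether that is worth the maintenance is a packaging call. The %prep section this belongs to starts outside the hunk.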
@@ -103,11 +107,15 @@ rm -f ${RPM_BUILD_ROOT}%{_datadir}/wordpress/{license.txt,readme.html}
 
 # Remove bundled php-simplepie and link to system copy
 rm -f ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-simplepie.php
+# This is specific to simple 1.1 in EL-5
 ln -sf /usr/share/php/php-simplepie/simplepie.inc ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-simplepie.php
 
 # Remove bundled PHPMailer and link to system one
-rm -f ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-{phpmailer,smtp,pop3}.php
-ln -sf /usr/share/php/PHPMailer/*php ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/
+for fic in phpmailer smtp pop3; do
+  rm     ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-$fic.php
+  ln -sf /usr/share/php/PHPMailer/class.$fic.php \
+         ${RPM_BUILD_ROOT}%{_datadir}/wordpress/wp-includes/class-$fic.php
+done
 
 # Remove backup copies of patches
 find ${RPM_BUILD_ROOT} \( -name \*.dolly -o -name \*.rhbz522897 -o -name \*.FSFaddr \) \
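Review bot: The `ln -sf` targets in the new loop are never checked, so a system PHPMailer that does not ship `class.$fic.php` under /usr/share/php/PHPMailer leaves a dangling link that is only found when WordPress includes it. Dropping `-f` from `rm` guards the upstream side only. Presumably php-PHPMailer is a runtime dependency and not installed in the build root, so a build-time check is not possible; a comment naming the expected files would do, e.g. `# Expects class.{phpmailer,smtp,pop3}.php from php-PHPMailer`. The added comment `# This is specific to simple 1.1 in EL-5` probably means simplepie and should say so. The `find` command at the end of the hunk continues outside it.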
@@ -154,6 +162,16 @@ rm -rf ${RPM_BUILD_ROOT}
 %dir %{_sysconfdir}/wordpress
 
 %changelog
+* Wed Jan 30 2013 Remi Collet <rcollet at redhat.com> - 3.5.1-1
+- version 3.5.1, various bug and security fixes:
+  CVE-2013-0235, CVE-2013-0236 and CVE-2013-0237
+- drop -f option from rm to break build if
+  upstream archive content change
+- protect akismet content (from upstream .htaccess)
+
+* Mon Jan  2 2013 Remi Collet <rcollet at redhat.com> - 3.5-3
+- fix links to system PHPMailer library
+
 * Wed Dec 12 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-1
 - New upstream release.
 

