[wordpress/epel7] - update to 3.9.2 Security Release #1127547 - config file only readable by apache user (httpd or php

Remi Collet remi at fedoraproject.org
Thu Aug 7 14:48:51 UTC 2014 

commit 3853663a946a1f2ad508cec5ebff6a3c728db506
Author: Remi Collet <rcollet at redhat.com>
Date:   Thu Aug 7 16:46:49 2014 +0200

    - update to 3.9.2 Security Release #1127547
    - config file only readable by apache user (httpd or php-fpm) #1124582
    
    (cherry picked from commit cde8ef064571ecf99e9451eaaa17f723e61ce285)

 .gitignore     |    1 +
 sources        |    2 +-
 wordpress.spec |   15 +++++++++++----
 3 files changed, 13 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 76fb94e..6009756 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,4 @@ clog
 /wordpress-3.8.3.tar.gz
 /wordpress-3.9.tar.gz
 /wordpress-3.9.1.tar.gz
+/wordpress-3.9.2.tar.gz
diff --git a/sources b/sources
index c975915..448899a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-46e303b587ba3d1f951b348d2c477c3c  wordpress-3.9.1.tar.gz
+c942a75d659b801195e53bcbd4770f31  wordpress-3.9.2.tar.gz
diff --git a/wordpress.spec b/wordpress.spec
index 3673112..15a0bb2 100644
--- a/wordpress.spec
+++ b/wordpress.spec
@@ -10,9 +10,9 @@
 Summary:    Blog tool and publishing platform
 URL:        http://www.wordpress.org
 Name:       wordpress
-Version:    3.9.1
+Version:    3.9.2
 Group:      Applications/Publishing
-Release:    1%{?dist}
+Release:    2%{?dist}
 License:    GPLv2
 
 Source0:    http://wordpress.org/%{name}-%{version}.tar.gz
@@ -85,7 +85,7 @@ Requires: php-zip
 Requires: php-zlib
 # Unbundled libraries
 Requires: php-PHPMailer
-Requires: webserver
+Requires: httpd
 %if %{with_cacert}
 Requires: ca-certificates
 %endif
@@ -124,6 +124,9 @@ rm wp-includes/js/plupload/plupload.flash.swf
 # swfupload can just die in its entirety
 rm -rf wp-includes/js/swfupload
 
+# remove .htaccess, protected by httpd config file
+rm wp-content/plugins/akismet/.htaccess
+
 %patch0 -p1 -b .dolly
 #patch1 -p1 -b .rhbz522897
 %patch2 -p1
@@ -248,11 +251,15 @@ rm -rf ${RPM_BUILD_ROOT}
 %doc README.fedora
 %doc README.fedora-multiuser
 %{_datadir}/wordpress/wp-*.php
-%config(noreplace) %{_sysconfdir}/wordpress/wp-config.php
+%attr(640,root,apache) %config(noreplace) %{_sysconfdir}/wordpress/wp-config.php
 %{_datadir}/wordpress/xmlrpc.php
 %dir %{_sysconfdir}/wordpress
 
 %changelog
+* Thu Aug  7 2014 Remi Collet <remi at fedoraproject.org> - 3.9.2-1
+- update to 3.9.2 Security Release #1127547
+- config file only readable by apache user (httpd or php-fpm) #1124582
+
 * Fri May  9 2014 Remi Collet <remi at fedoraproject.org> - 3.9.1-1
 - update to 3.9.1 Maintenance Release

More information about the scm-commits mailing list