summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Dibb <beandog@gentoo.org>2007-01-04 20:16:57 +0000
committerSteve Dibb <beandog@gentoo.org>2007-01-04 20:16:57 +0000
commit34637dd36b45198c343af4bd13d8f9b49c55bfde (patch)
tree87653d616a8cd2b44a749094a846f211dedba198 /www-apps/wordpress
parentStable on IA64. (diff)
downloadgentoo-2-34637dd36b45198c343af4bd13d8f9b49c55bfde.tar.gz
gentoo-2-34637dd36b45198c343af4bd13d8f9b49c55bfde.tar.bz2
gentoo-2-34637dd36b45198c343af4bd13d8f9b49c55bfde.zip
Security fix, bug 159229
(Portage version: 2.1.1-r2)
Diffstat (limited to 'www-apps/wordpress')
-rw-r--r--www-apps/wordpress/ChangeLog11
-rw-r--r--www-apps/wordpress/files/digest-wordpress-2.0.5-r13
-rw-r--r--www-apps/wordpress/files/wordpress-2.0.5-templates-sec.diff17
-rw-r--r--www-apps/wordpress/wordpress-2.0.5-r1.ebuild98
4 files changed, 127 insertions, 2 deletions
diff --git a/www-apps/wordpress/ChangeLog b/www-apps/wordpress/ChangeLog
index 193c456e91ee..749d2799ef27 100644
--- a/www-apps/wordpress/ChangeLog
+++ b/www-apps/wordpress/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for www-apps/wordpress
-# Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/wordpress/ChangeLog,v 1.66 2006/11/23 21:50:54 vivo Exp $
+# Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/www-apps/wordpress/ChangeLog,v 1.67 2007/01/04 20:16:57 beandog Exp $
+
+*wordpress-2.0.5-r1 (04 Jan 2007)
+
+ 04 Jan 2007; Steve Dibb <beandog@gentoo.org>
+ +files/wordpress-2.0.5-templates-sec.diff, -wordpress-2.0.5.ebuild,
+ +wordpress-2.0.5-r1.ebuild:
+ Security fix, bug 159229
23 Nov 2006; vivo ChangeLog:
dev-db/mysql => virtual/mysql corrections
diff --git a/www-apps/wordpress/files/digest-wordpress-2.0.5-r1 b/www-apps/wordpress/files/digest-wordpress-2.0.5-r1
new file mode 100644
index 000000000000..a64b1f4054c8
--- /dev/null
+++ b/www-apps/wordpress/files/digest-wordpress-2.0.5-r1
@@ -0,0 +1,3 @@
+MD5 f16ffc47e22ba3540a1e4f32354fae0e wordpress-2.0.5.tar.gz 517574
+RMD160 dcf6d225c25d74a659717b682827d32ddbfdf939 wordpress-2.0.5.tar.gz 517574
+SHA256 e4bb49dabc68e10e973a23ea86dd5748594f226ddb9298bab823e7dcc3c859cf wordpress-2.0.5.tar.gz 517574
diff --git a/www-apps/wordpress/files/wordpress-2.0.5-templates-sec.diff b/www-apps/wordpress/files/wordpress-2.0.5-templates-sec.diff
new file mode 100644
index 000000000000..fc299a363998
--- /dev/null
+++ b/www-apps/wordpress/files/wordpress-2.0.5-templates-sec.diff
@@ -0,0 +1,17 @@
+--- wp-admin/templates.php.orig 2006-12-30 13:02:01.000000000 -0700
++++ wp-admin/templates.php 2006-12-30 13:02:26.000000000 -0700
+@@ -108,13 +108,13 @@
+ if ( $recents ) :
+ ?>
+ <h3><?php _e('Recent'); ?></h3>
+ <?php
+ echo '<ol>';
+ foreach ($recents as $recent) :
+- echo "<li><a href='templates.php?file=" . wp_specialchars($recent, true) . "'>" . get_file_description(basename($recent)) . "</a></li>";
++ echo "<li><a href='templates.php?file=" . wp_specialchars($recent, true) . "'>" . wp_specialchars(get_file_description(basename($recent))) . "</a></li>";
+ endforeach;
+ echo '</ol>';
+ endif;
+ ?>
+ <h3><?php _e('Common'); ?></h3>
+ <?php $common_files = array('index.php', '.htaccess', 'my-hacks.php');
diff --git a/www-apps/wordpress/wordpress-2.0.5-r1.ebuild b/www-apps/wordpress/wordpress-2.0.5-r1.ebuild
new file mode 100644
index 000000000000..ca403a56b28b
--- /dev/null
+++ b/www-apps/wordpress/wordpress-2.0.5-r1.ebuild
@@ -0,0 +1,98 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-apps/wordpress/wordpress-2.0.5-r1.ebuild,v 1.1 2007/01/04 20:16:57 beandog Exp $
+
+inherit webapp eutils
+
+#Wordpress releases have a release name tagged on the end of the version on the tar.gz files
+#MY_EXT="mingus"
+
+DESCRIPTION="Wordpress php and mysql based CMS system."
+HOMEPAGE="http://wordpress.org/"
+#Latest version is only available in the format!
+#Download is renamed by HTTP Header as wordpress-<version number>.tar.gz
+SRC_URI=mirror://gentoo/${P}.tar.gz
+LICENSE="GPL-2"
+KEYWORDS="amd64 hppa ppc sparc x86"
+IUSE=""
+RDEPEND="virtual/httpd-php
+ virtual/mysql"
+WEBAPP_MANUAL_SLOT="yes"
+SLOT="2.0.5"
+
+DEPEND="${DEPEND} ${RDEPEND}"
+
+S="${WORKDIR}/${PN}"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ epatch ${FILESDIR}/wordpress-2.0.5-templates-sec.diff
+}
+
+src_install() {
+ local docs="license.txt readme.html"
+
+ webapp_src_preinst
+
+ einfo "Installing main files"
+ cp wp-config-sample.php wp-config.php
+ cp -r * ${D}${MY_HTDOCSDIR}
+ einfo "Done"
+
+ ewarn
+ ewarn Please make sure you have register_globals = off set in your /etc/apache2/php.ini file
+ ewarn If this is not an option for your web server and you NEED it set to on, then insert the following in your WordPress .htaccess file:
+ ewarn php_flag register_globals off
+ ewarn
+
+ ewarn
+ ewarn You will need to create a table for your WordPress database. This
+ ewarn assumes you have some knowledge of MySQL, and already have it
+ ewarn installed and configured. If not, please refer to
+ ewarn the Gentoo MySQL guide at the following URL:
+ ewarn http://www.gentoo.org/doc/en/mysql-howto.xml
+ ewarn Log in to MySQL, and create a new database called
+ ewarn "wordpress". From this point, you will need to edit
+ ewarn your wp-config.php file in $DocumentRoot/wordpress/
+ ewarn and point to your database. Once this is done, you can log in to
+ ewarn WordPress at http://localhost/wordpress
+ ewarn
+
+ ewarn
+ ewarn If you are upgrading from a previous version BACK UP your
+ ewarn database. Once you are done with that, browse to
+ ewarn http://localhost/wordpress/wp-admin/upgrade.php and follow
+ ewarn the instructions on the screen.
+ ewarn
+
+ # handle documentation files
+ #
+ # NOTE that doc files go into /usr/share/doc as normal; they do NOT
+ # get installed per vhost!
+
+ dodoc ${docs}
+ for doc in ${docs} INSTALL; do
+ rm -f ${doc}
+ done
+
+ # Identify the configuration files that this app uses
+ # User can want to make changes to these!
+ webapp_serverowned ${MY_HTDOCSDIR}/index.php
+ #webapp_serverowned ${MY_HTDOCSDIR}/wp-layout.css
+ webapp_serverowned ${MY_HTDOCSDIR}/wp-admin/menu.php
+ webapp_serverowned ${MY_HTDOCSDIR}
+ webapp_configfile ${MY_HTDOCSDIR}/wp-config.php
+ # Identify any script files that need #! headers adding to run under
+ # a CGI script (such as PHP/CGI)
+ #
+ # for wordpress, we *assume* that all .php files need to have CGI/BIN
+ # support added
+
+ # post-install instructions
+ #webapp_postinst_txt en ${FILESDIR}/1.2/postinstall-en.txt
+
+ # now strut stuff
+ webapp_src_install
+
+}