Bug 216059 - www/wordpress chinese/wordpress-zh_CN chinese/wordpress-zh_TW japanese/wordpress german/wordpress russian/wordpress: Update to 4.7.1
Summary: www/wordpress chinese/wordpress-zh_CN chinese/wordpress-zh_TW japanese/wordpr...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Sunpoet Po-Chuan Hsieh
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2017-01-14 07:14 UTC by Jochen Neumeister
Modified: 2017-01-15 02:20 UTC (History)
2 users (show)

See Also:
junovitch: merge-quarterly+


Attachments
Patch (5.11 KB, patch)
2017-01-14 07:14 UTC, Jochen Neumeister
joneum: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jochen Neumeister freebsd_committer 2017-01-14 07:14:09 UTC
Created attachment 178876 [details]
Patch

https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/

WordPress 4.7.1 Security and Maintenance Release

poudriere build fine for:
10.3 amd + i386
11.0 amd + i386
12-current amd + i386 (r310257)

portlint -AC is also fine.


Cheers
jochen
Comment 1 Sunpoet Po-Chuan Hsieh freebsd_committer 2017-01-14 15:08:59 UTC
chinese/wordpress-zh_TW is not updated in this patch. I've added it.

BTW, since the only difference among these ports is the translation files, I would recommend changing how WordPress is installed. Would you consider:

option 1:
- www/wordpress: unchanged
- other ports: depend on www/wordpress and install translation files only

option 2:
- www/wordpress: unchanged
- other ports: convert to language options of www/wordpress
Comment 2 commit-hook freebsd_committer 2017-01-14 17:21:10 UTC
A commit references this bug:

Author: sunpoet
Date: Sat Jan 14 17:19:50 UTC 2017
New revision: 431483
URL: https://svnweb.freebsd.org/changeset/ports/431483

Log:
  Update to 4.7.1

  Changes:	https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  PR:		216059
  Submitted by:	Jochen Neumeister <joneum@bsdproject.de> (maintainer)

Changes:
  head/chinese/wordpress-zh_CN/Makefile
  head/chinese/wordpress-zh_CN/distinfo
  head/chinese/wordpress-zh_TW/Makefile
  head/chinese/wordpress-zh_TW/distinfo
  head/german/wordpress/Makefile
  head/german/wordpress/distinfo
  head/japanese/wordpress/Makefile
  head/japanese/wordpress/distinfo
  head/russian/wordpress/Makefile
  head/russian/wordpress/distinfo
  head/www/wordpress/Makefile
  head/www/wordpress/distinfo
Comment 3 Sunpoet Po-Chuan Hsieh freebsd_committer 2017-01-14 17:23:03 UTC
Committed. Thanks!
Comment 4 commit-hook freebsd_committer 2017-01-15 02:16:32 UTC
A commit references this bug:

Author: junovitch
Date: Sun Jan 15 02:16:21 UTC 2017
New revision: 431506
URL: https://svnweb.freebsd.org/changeset/ports/431506

Log:
  Document Wordpress security issues in 4.7.1.

  Note per upstream PHPMailer was updated but "No specific issue appears
  to affect WordPress or any of the major plugins we investigated". As such
  leave the PHPMailer entry as is at this time.

  PR:		216059
  Reported by:	Jochen Neumeister <joneum@bsdproject.de>
  Security:	CVE-2017-5487
  Security:	CVE-2017-5488
  Security:	CVE-2017-5489
  Security:	CVE-2017-5490
  Security:	CVE-2017-5491
  Security:	CVE-2017-5492
  Security:	CVE-2017-5493
  Security:	https://vuxml.FreeBSD.org/freebsd/b180d1fb-dac6-11e6-ae1b-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 5 commit-hook freebsd_committer 2017-01-15 02:18:36 UTC
A commit references this bug:

Author: junovitch
Date: Sun Jan 15 02:18:11 UTC 2017
New revision: 431507
URL: https://svnweb.freebsd.org/changeset/ports/431507

Log:
  MFH: r431483

  Update to 4.7.1

  Changes:	https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/

  PR:		216059
  Submitted by:	Jochen Neumeister <joneum@bsdproject.de> (maintainer)
  Security:	CVE-2017-5487
  Security:	CVE-2017-5488
  Security:	CVE-2017-5489
  Security:	CVE-2017-5490
  Security:	CVE-2017-5491
  Security:	CVE-2017-5492
  Security:	CVE-2017-5493
  Security:	https://vuxml.FreeBSD.org/freebsd/b180d1fb-dac6-11e6-ae1b-002590263bf5.htm
  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2017Q1/
  branches/2017Q1/chinese/wordpress-zh_CN/Makefile
  branches/2017Q1/chinese/wordpress-zh_CN/distinfo
  branches/2017Q1/chinese/wordpress-zh_TW/Makefile
  branches/2017Q1/chinese/wordpress-zh_TW/distinfo
  branches/2017Q1/german/wordpress/Makefile
  branches/2017Q1/german/wordpress/distinfo
  branches/2017Q1/japanese/wordpress/Makefile
  branches/2017Q1/japanese/wordpress/distinfo
  branches/2017Q1/russian/wordpress/Makefile
  branches/2017Q1/russian/wordpress/distinfo
  branches/2017Q1/www/wordpress/Makefile
  branches/2017Q1/www/wordpress/distinfo