File: [cvs.NetBSD.org] / pkgsrc / www / wordpress / distinfo (download)
Revision 1.11, Thu Feb 10 10:25:50 2011 UTC (13 years, 2 months ago) by morr
Branch: MAIN
Changes since 1.10: +4 -4
lines
Security update to 3.0.5. Changes:
* Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role.
* Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role.
* Fix potential information disclosure of posts through the media uploader. Affects users of the Author role.
* Enhancement: Force HTML filtering on comment text in the admin
* Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid.
* Update the license to GPLv2 (or later) and update copyright information for the KSES library.
|
![[BACK]](/icons/back.gif){kind=icon}
Return to distinfo CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / www / wordpress