Date: Friday, February 22, 2019 @ 15:51:17
Author: arodseth
Revision: 435215
upgpkg: wordpress 5.1-1
Modified:
wordpress/trunk/PKGBUILD
wordpress/trunk/password_reset_exploit.patch
------------------------------+
PKGBUILD | 25 ++++++++---------
password_reset_exploit.patch | 58 +++++++++++++++++++----------------------
2 files changed, 40 insertions(+), 43 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2019-02-22 15:51:07 UTC (rev 435214)
+++ PKGBUILD 2019-02-22 15:51:17 UTC (rev 435215)
@@ -5,33 +5,32 @@
# Contributor: Christopher Rogers <slaxemula...@gmail.com>
pkgname=wordpress
-pkgver=5.0.3
+pkgver=5.1
pkgrel=1
pkgdesc='Blog tool and publishing platform'
-arch=('any')
+arch=(any)
url='https://wordpress.org/'
-license=('GPL')
-depends=('php')
+license=(GPL)
+depends=(php)
optdepends=('nginx: Web server for serving WordPress'
'apache: Web server for serving WordPress'
'mariadb: Database server')
-options=('emptydirs')
-install="$pkgname.install"
+options=(emptydirs)
+install=$pkgname.install
source=("https://wordpress.org/$pkgname-$pkgver.tar.gz";
- 'password_reset_exploit.patch')
-sha256sums=('9aa4d1bc9acc39279f15e914415be87af01a886287b1b92b3a80426a4edbd78a'
- 'e73886f5cd0dd79a1ddc64113b181df0d32cefc975a09796994e885d75361726')
+ password_reset_exploit.patch)
+sha256sums=('debd29c267021e34f59c31b210dd82e9c476fa9f1abdc62b5fdd1d50078fed4a'
+ '84c716953fb1aad583bfe62c2aba88173b760c60a90f6752228d4ba966e647b9')
prepare() {
- cd "$pkgname"
-
+ cd $pkgname
patch -p1 -i "$srcdir/password_reset_exploit.patch"
}
package() {
install -d "$pkgdir/usr/share/webapps"
- cp -r "$pkgname" "$pkgdir/usr/share/webapps"
+ cp -r $pkgname "$pkgdir/usr/share/webapps"
}
-# getver: wordpress.org/download/
+# getver: core.trac.wordpress.org/timeline?milestone=on
# vim: ts=2 sw=2 et:
Modified: password_reset_exploit.patch
===================================================================
--- password_reset_exploit.patch 2019-02-22 15:51:07 UTC (rev 435214)
+++ password_reset_exploit.patch 2019-02-22 15:51:17 UTC (rev 435215)
@@ -1,33 +1,31 @@
--- a/wp-includes/pluggable.php 2017-05-07 15:19:40.838218673 +0200
+++ b/wp-includes/pluggable.php 2017-05-07 15:25:35.661548515 +0200
-@@ -321,15 +321,21 @@
- * https://core.trac.wordpress.org/ticket/5007.
- */
-
-- if ( !isset( $from_email ) ) {
-- // Get the site domain and get rid of www.
-- $sitename = strtolower( $_SERVER['SERVER_NAME'] );
-- if ( substr( $sitename, 0, 4 ) == 'www.' ) {
-- $sitename = substr( $sitename, 4 );
-- }
+@@ -328,14 +328,20 @@
+ * https://core.trac.wordpress.org/ticket/5007.
+ */
+
+- if ( ! isset( $from_email ) ) {
+- // Get the site domain and get rid of www.
+- $sitename = strtolower( $_SERVER['SERVER_NAME'] );
+- if ( substr( $sitename, 0, 4 ) == 'www.' ) {
+- $sitename = substr( $sitename, 4 );
+- }
-
-- $from_email = 'wordpress@' . $sitename;
-- }
-+ // Thanks simlevesque @ https://news.ycombinator.com/item?id=14265092
-+ if ( !isset( $from_email ) ) {
-+ // Get the site domain and get rid of www.
-+ $sitename = strtolower( WP_HOME );
-+ if ( substr( $sitename, 0, 7 ) == 'http://' ) {
-+ $sitename = substr( $sitename, 7 );
-+ }
-+ if ( substr( $sitename, 0, 8 ) == 'https://' ) {
-+ $sitename = substr( $sitename, 8 );
-+ }
-+ if ( substr( $sitename, 0, 4 ) == 'www.' ) {
-+ $sitename = substr( $sitename, 4 );
-+ }
-+ $from_email = 'wordpress@' . $sitename;
-+ }
-
- /**
- * Filters the email address to send from.
+- $from_email = 'wordpress@' . $sitename;
++ // Thanks simlevesque @
https://news.ycombinator.com/item?id=14265092
++ if ( !isset( $from_email ) ) {
++ // Get the site domain and get rid of www.
++ $sitename = strtolower( WP_HOME );
++ if ( substr( $sitename, 0, 7 ) == 'http://' ) {
++ $sitename = substr( $sitename,
7 );
++ }
++ if ( substr( $sitename, 0, 8 ) == 'https://' ) {
++ $sitename = substr( $sitename,
8 );
++ }
++ if ( substr( $sitename, 0, 4 ) == 'www.' ) {
++ $sitename = substr( $sitename,
4 );
++ }
++ $from_email = 'wordpress@' . $sitename;
+ }
+
+ /**
