Date: Thursday, June 8, 2017 @ 21:29:04 Author: arodseth Revision: 235476
archrelease: copy trunk to community-any Added: wordpress/repos/community-any/PKGBUILD (from rev 235475, wordpress/trunk/PKGBUILD) wordpress/repos/community-any/password_reset_exploit.patch (from rev 235475, wordpress/trunk/password_reset_exploit.patch) wordpress/repos/community-any/wordpress.install (from rev 235475, wordpress/trunk/wordpress.install) Deleted: wordpress/repos/community-any/PKGBUILD wordpress/repos/community-any/password_reset_exploit.patch wordpress/repos/community-any/wordpress.install ------------------------------+ PKGBUILD | 72 ++++++++++++++++++++--------------------- password_reset_exploit.patch | 66 ++++++++++++++++++------------------- wordpress.install | 42 +++++++++++------------ 3 files changed, 90 insertions(+), 90 deletions(-) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2017-06-08 21:28:07 UTC (rev 235475) +++ PKGBUILD 2017-06-08 21:29:04 UTC (rev 235476) @@ -1,36 +0,0 @@ -# $Id$ -# Maintainer: Alexander F Rødseth <xypr...@archlinux.org> -# Contributor: Thomas Dziedzic <gos...@gmail.com> -# Contributor: Jose Valecillos <valecillo...@gmail.com> -# Contributor: Kaos <gianlucaat...@gmail.com> -# Contributor: Christopher Rogers <slaxemula...@gmail.com> - -pkgname=wordpress -pkgver=4.7.5 -pkgrel=1 -pkgdesc='Blog tool and publishing platform' -arch=('any') -url='https://wordpress.org/' -license=('GPL') -depends=('php') -optdepends=('apache: Web server to run wordpress' - 'nginx: Web server to run wordpress' - 'cherokee: Lightweight Web server to run wordpress' - 'mysql: Database server') -options=('emptydirs') -install="$pkgname.install" -source=("https://wordpress.org/$pkgname-$pkgver.tar.gz" 'password_reset_exploit.patch') -sha256sums=('95af89101db8efea48711b7cc169c2a7440a2fba17eee1a057f442091cdec01b' - '68244b5bd534b21c88dc25074bf1fbc7a26d601cee69d78a467b1287f9eb2eed') - -prepare() { - cd "$pkgname" - patch -p1 -i "$srcdir/password_reset_exploit.patch" -} - -package() { - install -d "$pkgdir/usr/share/webapps" - cp -r "$pkgname" "$pkgdir/usr/share/webapps" -} - -# vim:set ts=2 sw=2 et: Copied: wordpress/repos/community-any/PKGBUILD (from rev 235475, wordpress/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2017-06-08 21:29:04 UTC (rev 235476) @@ -0,0 +1,36 @@ +# $Id$ +# Maintainer: Alexander F Rødseth <xypr...@archlinux.org> +# Contributor: Thomas Dziedzic <gos...@gmail.com> +# Contributor: Jose Valecillos <valecillo...@gmail.com> +# Contributor: Kaos <gianlucaat...@gmail.com> +# Contributor: Christopher Rogers <slaxemula...@gmail.com> + +pkgname=wordpress +pkgver=4.8 +pkgrel=1 +pkgdesc='Blog tool and publishing platform' +arch=('any') +url='https://wordpress.org/' +license=('GPL') +depends=('php') +optdepends=('apache: Web server to run wordpress' + 'nginx: Web server to run wordpress' + 'cherokee: Lightweight Web server to run wordpress' + 'mysql: Database server') +options=('emptydirs') +install="$pkgname.install" +source=("https://wordpress.org/$pkgname-$pkgver.tar.gz" 'password_reset_exploit.patch') +sha256sums=('39210d593700dc26c58a53b38172be63ea3da67020d80bb2cf34b396b732dd4d' + '68244b5bd534b21c88dc25074bf1fbc7a26d601cee69d78a467b1287f9eb2eed') + +prepare() { + cd "$pkgname" + patch -p1 -i "$srcdir/password_reset_exploit.patch" +} + +package() { + install -d "$pkgdir/usr/share/webapps" + cp -r "$pkgname" "$pkgdir/usr/share/webapps" +} + +# vim: ts=2 sw=2 et: Deleted: password_reset_exploit.patch =================================================================== --- password_reset_exploit.patch 2017-06-08 21:28:07 UTC (rev 235475) +++ password_reset_exploit.patch 2017-06-08 21:29:04 UTC (rev 235476) @@ -1,33 +0,0 @@ ---- a/wp-includes/pluggable.php 2017-05-07 15:19:40.838218673 +0200 -+++ b/wp-includes/pluggable.php 2017-05-07 15:25:35.661548515 +0200 -@@ -321,15 +321,21 @@ - * https://core.trac.wordpress.org/ticket/5007. - */ - -- if ( !isset( $from_email ) ) { -- // Get the site domain and get rid of www. -- $sitename = strtolower( $_SERVER['SERVER_NAME'] ); -- if ( substr( $sitename, 0, 4 ) == 'www.' ) { -- $sitename = substr( $sitename, 4 ); -- } -- -- $from_email = 'wordpress@' . $sitename; -- } -+ // Thanks simlevesque @ https://news.ycombinator.com/item?id=14265092 -+ if ( !isset( $from_email ) ) { -+ // Get the site domain and get rid of www. -+ $sitename = strtolower( WP_HOME ); -+ if ( substr( $sitename, 0, 7 ) == 'http://' ) { -+ $sitename = substr( $sitename, 7 ); -+ } -+ if ( substr( $sitename, 0, 8 ) == 'https://' ) { -+ $sitename = substr( $sitename, 8 ); -+ } -+ if ( substr( $sitename, 0, 4 ) == 'www.' ) { -+ $sitename = substr( $sitename, 4 ); -+ } -+ $from_email = 'wordpress@' . $sitename; -+ } - - /** - * Filters the email address to send from. Copied: wordpress/repos/community-any/password_reset_exploit.patch (from rev 235475, wordpress/trunk/password_reset_exploit.patch) =================================================================== --- password_reset_exploit.patch (rev 0) +++ password_reset_exploit.patch 2017-06-08 21:29:04 UTC (rev 235476) @@ -0,0 +1,33 @@ +--- a/wp-includes/pluggable.php 2017-05-07 15:19:40.838218673 +0200 ++++ b/wp-includes/pluggable.php 2017-05-07 15:25:35.661548515 +0200 +@@ -321,15 +321,21 @@ + * https://core.trac.wordpress.org/ticket/5007. + */ + +- if ( !isset( $from_email ) ) { +- // Get the site domain and get rid of www. +- $sitename = strtolower( $_SERVER['SERVER_NAME'] ); +- if ( substr( $sitename, 0, 4 ) == 'www.' ) { +- $sitename = substr( $sitename, 4 ); +- } +- +- $from_email = 'wordpress@' . $sitename; +- } ++ // Thanks simlevesque @ https://news.ycombinator.com/item?id=14265092 ++ if ( !isset( $from_email ) ) { ++ // Get the site domain and get rid of www. ++ $sitename = strtolower( WP_HOME ); ++ if ( substr( $sitename, 0, 7 ) == 'http://' ) { ++ $sitename = substr( $sitename, 7 ); ++ } ++ if ( substr( $sitename, 0, 8 ) == 'https://' ) { ++ $sitename = substr( $sitename, 8 ); ++ } ++ if ( substr( $sitename, 0, 4 ) == 'www.' ) { ++ $sitename = substr( $sitename, 4 ); ++ } ++ $from_email = 'wordpress@' . $sitename; ++ } + + /** + * Filters the email address to send from. Deleted: wordpress.install =================================================================== --- wordpress.install 2017-06-08 21:28:07 UTC (rev 235475) +++ wordpress.install 2017-06-08 21:29:04 UTC (rev 235476) @@ -1,21 +0,0 @@ -post_install() { - # Make uploads work - install -dm775 /usr/share/webapps/wordpress/wp-content/uploads - chown http:http /usr/share/webapps/wordpress/wp-content/uploads - echo 'You can now configure your (PHP compatible) web server to run Wordpress' -} - -pre_remove() { - cp -r /usr/share/webapps/wordpress /usr/share/webapps/wordpress_backup - echo 'Your Wordpress folder were backed up to /usr/share/webapps/wordpress_backup' -} - -post_remove() { - rm -rf /usr/share/webapps/wordpress -} - -post_upgrade() { - echo 'Wordpress is in /usr/share/webapps now' -} - -# vim:set ts=2 sw=2 et: Copied: wordpress/repos/community-any/wordpress.install (from rev 235475, wordpress/trunk/wordpress.install) =================================================================== --- wordpress.install (rev 0) +++ wordpress.install 2017-06-08 21:29:04 UTC (rev 235476) @@ -0,0 +1,21 @@ +post_install() { + # Make uploads work + install -dm775 /usr/share/webapps/wordpress/wp-content/uploads + chown http:http /usr/share/webapps/wordpress/wp-content/uploads + echo 'You can now configure your (PHP compatible) web server to run Wordpress' +} + +pre_remove() { + cp -r /usr/share/webapps/wordpress /usr/share/webapps/wordpress_backup + echo 'Your Wordpress folder were backed up to /usr/share/webapps/wordpress_backup' +} + +post_remove() { + rm -rf /usr/share/webapps/wordpress +} + +post_upgrade() { + echo 'Wordpress is in /usr/share/webapps now' +} + +# vim:set ts=2 sw=2 et: