Date: Friday, July 13, 2018 @ 13:42:32 Author: arodseth Revision: 358621
archrelease: copy trunk to community-any Added: wordpress/repos/community-any/PKGBUILD (from rev 358620, wordpress/trunk/PKGBUILD) wordpress/repos/community-any/password_reset_exploit.patch (from rev 358620, wordpress/trunk/password_reset_exploit.patch) wordpress/repos/community-any/wordpress.install (from rev 358620, wordpress/trunk/wordpress.install) Deleted: wordpress/repos/community-any/PKGBUILD wordpress/repos/community-any/password_reset_exploit.patch wordpress/repos/community-any/wordpress.install ------------------------------+ PKGBUILD | 76 ++++++++++++++++++++--------------------- password_reset_exploit.patch | 66 +++++++++++++++++------------------ wordpress.install | 42 +++++++++++----------- 3 files changed, 92 insertions(+), 92 deletions(-) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2018-07-13 13:42:18 UTC (rev 358620) +++ PKGBUILD 2018-07-13 13:42:32 UTC (rev 358621) @@ -1,38 +0,0 @@ -# $Id$ -# Maintainer: Alexander F Rødseth <xypr...@archlinux.org> -# Contributor: Thomas Dziedzic <gos...@gmail.com> -# Contributor: Jose Valecillos <valecillo...@gmail.com> -# Contributor: Kaos <gianlucaat...@gmail.com> -# Contributor: Christopher Rogers <slaxemula...@gmail.com> - -pkgname=wordpress -pkgver=4.9.6 -pkgrel=1 -pkgdesc='Blog tool and publishing platform' -arch=('any') -url='https://wordpress.org/' -license=('GPL') -depends=('php') -optdepends=('nginx: Web server for serving Wordpress' - 'apache: Web server for serving Wordpress' - 'mariadb: Database server') -options=('emptydirs') -install="$pkgname.install" -source=("https://wordpress.org/$pkgname-$pkgver.tar.gz" - 'password_reset_exploit.patch') -sha256sums=('08256affe745ad68f4210d26dce932fa43ec2da16f0ec96c2e76cac9836bd77a' - '68244b5bd534b21c88dc25074bf1fbc7a26d601cee69d78a467b1287f9eb2eed') - -prepare() { - cd "$pkgname" - - patch -p1 -i "$srcdir/password_reset_exploit.patch" -} - -package() { - install -d "$pkgdir/usr/share/webapps" - cp -r "$pkgname" "$pkgdir/usr/share/webapps" -} - -# getver: wordpress.org/download/ -# vim: ts=2 sw=2 et: Copied: wordpress/repos/community-any/PKGBUILD (from rev 358620, wordpress/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2018-07-13 13:42:32 UTC (rev 358621) @@ -0,0 +1,38 @@ +# $Id$ +# Maintainer: Alexander F Rødseth <xypr...@archlinux.org> +# Contributor: Thomas Dziedzic <gos...@gmail.com> +# Contributor: Jose Valecillos <valecillo...@gmail.com> +# Contributor: Kaos <gianlucaat...@gmail.com> +# Contributor: Christopher Rogers <slaxemula...@gmail.com> + +pkgname=wordpress +pkgver=4.9.7 +pkgrel=1 +pkgdesc='Blog tool and publishing platform' +arch=('any') +url='https://wordpress.org/' +license=('GPL') +depends=('php') +optdepends=('nginx: Web server for serving Wordpress' + 'apache: Web server for serving Wordpress' + 'mariadb: Database server') +options=('emptydirs') +install="$pkgname.install" +source=("https://wordpress.org/$pkgname-$pkgver.tar.gz" + 'password_reset_exploit.patch') +sha256sums=('8514274c5d5b27f8d7c5fb39947d8afc947396940a8a4daffd4fb56c8bbf3b69' + '68244b5bd534b21c88dc25074bf1fbc7a26d601cee69d78a467b1287f9eb2eed') + +prepare() { + cd "$pkgname" + + patch -p1 -i "$srcdir/password_reset_exploit.patch" +} + +package() { + install -d "$pkgdir/usr/share/webapps" + cp -r "$pkgname" "$pkgdir/usr/share/webapps" +} + +# getver: wordpress.org/download/ +# vim: ts=2 sw=2 et: Deleted: password_reset_exploit.patch =================================================================== --- password_reset_exploit.patch 2018-07-13 13:42:18 UTC (rev 358620) +++ password_reset_exploit.patch 2018-07-13 13:42:32 UTC (rev 358621) @@ -1,33 +0,0 @@ ---- a/wp-includes/pluggable.php 2017-05-07 15:19:40.838218673 +0200 -+++ b/wp-includes/pluggable.php 2017-05-07 15:25:35.661548515 +0200 -@@ -321,15 +321,21 @@ - * https://core.trac.wordpress.org/ticket/5007. - */ - -- if ( !isset( $from_email ) ) { -- // Get the site domain and get rid of www. -- $sitename = strtolower( $_SERVER['SERVER_NAME'] ); -- if ( substr( $sitename, 0, 4 ) == 'www.' ) { -- $sitename = substr( $sitename, 4 ); -- } -- -- $from_email = 'wordpress@' . $sitename; -- } -+ // Thanks simlevesque @ https://news.ycombinator.com/item?id=14265092 -+ if ( !isset( $from_email ) ) { -+ // Get the site domain and get rid of www. -+ $sitename = strtolower( WP_HOME ); -+ if ( substr( $sitename, 0, 7 ) == 'http://' ) { -+ $sitename = substr( $sitename, 7 ); -+ } -+ if ( substr( $sitename, 0, 8 ) == 'https://' ) { -+ $sitename = substr( $sitename, 8 ); -+ } -+ if ( substr( $sitename, 0, 4 ) == 'www.' ) { -+ $sitename = substr( $sitename, 4 ); -+ } -+ $from_email = 'wordpress@' . $sitename; -+ } - - /** - * Filters the email address to send from. Copied: wordpress/repos/community-any/password_reset_exploit.patch (from rev 358620, wordpress/trunk/password_reset_exploit.patch) =================================================================== --- password_reset_exploit.patch (rev 0) +++ password_reset_exploit.patch 2018-07-13 13:42:32 UTC (rev 358621) @@ -0,0 +1,33 @@ +--- a/wp-includes/pluggable.php 2017-05-07 15:19:40.838218673 +0200 ++++ b/wp-includes/pluggable.php 2017-05-07 15:25:35.661548515 +0200 +@@ -321,15 +321,21 @@ + * https://core.trac.wordpress.org/ticket/5007. + */ + +- if ( !isset( $from_email ) ) { +- // Get the site domain and get rid of www. +- $sitename = strtolower( $_SERVER['SERVER_NAME'] ); +- if ( substr( $sitename, 0, 4 ) == 'www.' ) { +- $sitename = substr( $sitename, 4 ); +- } +- +- $from_email = 'wordpress@' . $sitename; +- } ++ // Thanks simlevesque @ https://news.ycombinator.com/item?id=14265092 ++ if ( !isset( $from_email ) ) { ++ // Get the site domain and get rid of www. ++ $sitename = strtolower( WP_HOME ); ++ if ( substr( $sitename, 0, 7 ) == 'http://' ) { ++ $sitename = substr( $sitename, 7 ); ++ } ++ if ( substr( $sitename, 0, 8 ) == 'https://' ) { ++ $sitename = substr( $sitename, 8 ); ++ } ++ if ( substr( $sitename, 0, 4 ) == 'www.' ) { ++ $sitename = substr( $sitename, 4 ); ++ } ++ $from_email = 'wordpress@' . $sitename; ++ } + + /** + * Filters the email address to send from. Deleted: wordpress.install =================================================================== --- wordpress.install 2018-07-13 13:42:18 UTC (rev 358620) +++ wordpress.install 2018-07-13 13:42:32 UTC (rev 358621) @@ -1,21 +0,0 @@ -post_install() { - # Make uploads work - install -dm775 /usr/share/webapps/wordpress/wp-content/uploads - chown http:http /usr/share/webapps/wordpress/wp-content/uploads - echo 'You can now configure your (PHP compatible) web server to run Wordpress' -} - -pre_remove() { - cp -r /usr/share/webapps/wordpress /usr/share/webapps/wordpress_backup - echo 'Your Wordpress folder were backed up to /usr/share/webapps/wordpress_backup' -} - -post_remove() { - rm -rf /usr/share/webapps/wordpress -} - -post_upgrade() { - echo 'Wordpress is in /usr/share/webapps now' -} - -# vim:ts=2 sw=2 et: Copied: wordpress/repos/community-any/wordpress.install (from rev 358620, wordpress/trunk/wordpress.install) =================================================================== --- wordpress.install (rev 0) +++ wordpress.install 2018-07-13 13:42:32 UTC (rev 358621) @@ -0,0 +1,21 @@ +post_install() { + # Make uploads work + install -dm775 /usr/share/webapps/wordpress/wp-content/uploads + chown http:http /usr/share/webapps/wordpress/wp-content/uploads + echo 'You can now configure your (PHP compatible) web server to run Wordpress' +} + +pre_remove() { + cp -r /usr/share/webapps/wordpress /usr/share/webapps/wordpress_backup + echo 'Your Wordpress folder were backed up to /usr/share/webapps/wordpress_backup' +} + +post_remove() { + rm -rf /usr/share/webapps/wordpress +} + +post_upgrade() { + echo 'Wordpress is in /usr/share/webapps now' +} + +# vim:ts=2 sw=2 et: