Backport of security release #898

Merged
merged 3 commits into from
Jan 13, 2022

mattyrob
Collaborator

@mattyrob commented Jan 7, 2022

Description

See: https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/

Motivation and context

This is a backport of an upstream set of security fixes affecting WP back to version 3.7.
The patch applied to the 4.9 trunk has been backported here.

How has this been tested?

Upstream backport with visual comparison only.

Screenshots

N/A

Types of changes

  • Bug fix

desrosj and others added 3 commits January 7, 2022 21:46
- Query: Improve sanitization within `WP_Tax_Query`.
- Query: Improve sanitization within `WP_Meta_Query`.
- Upgrade/Install: Avoid using `unserialize()` unnecessarily.
- Formatting: Correctly encode ASCII characters in post slugs.

Merges https://core.trac.wordpress.org/log/?revs=52454-52457 to the 4.9 branch.
WP:Props vortfu, dd32, ehtis, zieladam, whyisjake, xknown, peterwilsoncc, desrosj, iandunn.

Conflicts:
- src/wp-includes/formatting.php

---

Merges https://core.trac.wordpress.org/changeset/52474 / WordPress/wordpress-develop@25331bc640 to ClassicPress.
@mattyrob added this to the 1.4.0-rc3 milestone Jan 8, 2022
@mattyrob added the "flag: high priority" label (Need to focus on this issue or PR with all our effort.) Jan 8, 2022
@bahiirwa
Collaborator

I have tested this on a local install. Nothing is broken.
Reviewed changes from upstream and these are well done. Thanks @mattyrob

@mattyrob merged commit d54a5dd into ClassicPress:develop Jan 13, 2022
@mattyrob deleted the merge/wp-r52474 branch January 13, 2022 16:16
@ClassyBot
Contributor

This pull request has been mentioned on ClassicPress Forums. There might be relevant details there:

https://forums.classicpress.net/t/classicpress-1-4-0-release-notes/3929/1

@viktorix added the "exclude" label (For filtering purposes only.) Jan 13, 2023