Tag 4.2.6

Built from https://develop.svn.wordpress.org/tags/4.2.6@36208 git-svn-id: http://core.svn.wordpress.org/tags/4.2.6@36175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 23:31:08 +00:00
5 changed files with 7 additions and 20 deletions
--- a/readme.html
+++ b/readme.html
@@ -9,7 +9,7 @@
 <body>
 <h1 id="logo">
 	<a href="https://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
-	<br /> Version 4.2.7
+	<br /> Version 4.2.6
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>

--- a/wp-admin/about.php
+++ b/wp-admin/about.php
@@ -41,11 +41,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
 </h2>

 <div class="changelog point-releases">
-	<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 7 ); ?></h3>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-         '<strong>Version %1$s</strong> addressed some security issues.', 2 ), '4.2.7' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.2.7' ); ?>
- 	</p>
+	<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 6 ); ?></h3>
 	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
         '<strong>Version %1$s</strong> addressed some security issues.', 1 ), '4.2.6' ); ?>
 		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.2.6' ); ?>
--- a/wp-includes/http.php
+++ b/wp-includes/http.php
@@ -475,7 +475,7 @@ function wp_http_validate_url( $url ) {
 		}
 		if ( $ip ) {
 			$parts = array_map( 'intval', explode( '.', $ip ) );
-			if ( 127 === $parts[0] || 10 === $parts[0] || 0 === $parts[0]
+			if ( 127 === $parts[0] || 10 === $parts[0]
 				|| ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] )
 				|| ( 192 === $parts[0] && 168 === $parts[1] )
 			) {
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -1296,8 +1296,7 @@ function wp_validate_redirect($location, $default = '') {
 	// In php 5 parse_url may fail if the URL query part contains http://, bug #38143
 	$test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location;

-	// @-operator is used to prevent possible warnings in PHP < 5.3.3.
-	$lp = @parse_url($test);
+	$lp  = parse_url($test);

 	// Give up if malformed URL
 	if ( false === $lp )
@@ -1307,17 +1306,9 @@ function wp_validate_redirect($location, $default = '') {
 	if ( isset($lp['scheme']) && !('http' == $lp['scheme'] || 'https' == $lp['scheme']) )
 		return $default;

-	// Reject if certain components are set but host is not. This catches urls like https:host.com for which parse_url does not set the host field.
-	if ( ! isset( $lp['host'] ) && ( isset( $lp['scheme'] ) || isset( $lp['user'] ) || isset( $lp['pass'] ) || isset( $lp['port'] ) ) ) {
+	// Reject if scheme is set but host is not. This catches urls like https:host.com for which parse_url does not set the host field.
+	if ( isset($lp['scheme'])  && !isset($lp['host']) )
 		return $default;
-	}
-
-	// Reject malformed components parse_url() can return on odd inputs.
-	foreach ( array( 'user', 'pass', 'host' ) as $component ) {
-		if ( isset( $lp[ $component ] ) && strpbrk( $lp[ $component ], ':/?#@' ) ) {
-			return $default;
-		}
-	}

 	$wpp = parse_url(home_url());

--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.2.7';
+$wp_version = '4.2.6';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.