ports/110733: [maintainer update] www/zope210 update to fix vulnerability
Yasushi Hayashi
yasi at yasi.to
Fri Mar 23 21:40:04 UTC 2007
>Number: 110733
>Category: ports
>Synopsis: [maintainer update] www/zope210 update to fix vulnerability
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 23 21:40:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Yasushi Hayashi
>Release: FreeBSD 6.2-STABLE i386
>Organization:
>Environment:
System: FreeBSD www.yasi.to 6.2-STABLE FreeBSD 6.2-STABLE #1: Sat Feb 10 09:05:27 JST 2007 root at www.yasi.to:/usr/obj/usr/src/sys/GENERIC i386
>Description:
In March 20,2007, Zope.org released hotfix for cross-site scripting vulnerability.
See: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
This PR upgrade www/zope210.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -urN /usr/ports/www/zope210.old/Makefile /usr/ports/www/zope210/Makefile
--- /usr/ports/www/zope210.old/Makefile Sat Jan 27 10:39:17 2007
+++ /usr/ports/www/zope210/Makefile Thu Mar 22 21:34:03 2007
@@ -7,10 +7,14 @@
PORTNAME= zope210
PORTVERSION= 2.10.2
+PORTREVISION= 1
CATEGORIES= www python zope
-MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/
+MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ \
+ http://www.zope.org/Products/Zope/Hotfix-2007-03-20/Hotfix-20070320/:hotfix
DISTNAME= Zope-${PORTVERSION}
EXTRACT_SUFX= .tgz
+DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \
+ Hotfix_20070320.tgz:hotfix
DIST_SUBDIR= zope
MAINTAINER= yasi at yasi.to
@@ -75,6 +79,7 @@
post-build:
-@${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py ${WRKSRC}/
+ -@${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py ${WRKDIR}/Hotfix_20070320/
post-install:
${MV} ${ZOPEBASEDIR}/skel/etc/zope.conf.in \
@@ -83,6 +88,7 @@
${MKDIR} ${ZOPEBASEDIR}/Products
${CP} ${FILESDIR}/Products_00readme-freebsd.txt \
${ZOPEBASEDIR}/Products/00readme-freebsd.txt
+ ${CP} -R ${WRKDIR}/Hotfix_20070320 ${ZOPEBASEDIR}/Products/
${FIND} ${ZOPEBASEDIR} -type f -print0 | ${XARGS} -0 -- ${CHMOD} a-w+r
diff -urN /usr/ports/www/zope210.old/distinfo /usr/ports/www/zope210/distinfo
--- /usr/ports/www/zope210.old/distinfo Fri Jan 26 22:24:23 2007
+++ /usr/ports/www/zope210/distinfo Thu Mar 22 21:19:55 2007
@@ -1,3 +1,6 @@
MD5 (zope/Zope-2.10.2.tgz) = 4f4e2afe23c19def16ba43db4b6252cb
SHA256 (zope/Zope-2.10.2.tgz) = f08887f2f3a3225a47427814fd7ff99603a1fb0f905df68306792a1cc486d94b
SIZE (zope/Zope-2.10.2.tgz) = 7089784
+MD5 (zope/Hotfix_20070320.tgz) = 0b4cd365d99731e18827ead11400087d
+SHA256 (zope/Hotfix_20070320.tgz) = 3b8760301826aba22386a561de48523663fc7840fc11280e2c34163ba4be383a
+SIZE (zope/Hotfix_20070320.tgz) = 3805
diff -urN /usr/ports/www/zope210.old/pkg-plist /usr/ports/www/zope210/pkg-plist
--- /usr/ports/www/zope210.old/pkg-plist Fri Jan 26 22:52:55 2007
+++ /usr/ports/www/zope210/pkg-plist Thu Mar 22 21:43:44 2007
@@ -1,4 +1,12 @@
%%ZOPEBASEDIR%%/Products/00readme-freebsd.txt
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/README.txt
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/__init__.py
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/__init__.pyc
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/__init__.py
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/__init__.pyc
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/test_hotfix.py
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/test_hotfix.pyc
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/version.txt
%%ZOPEBASEDIR%%/bin/README.txt
%%ZOPEBASEDIR%%/bin/analyze.py
%%ZOPEBASEDIR%%/bin/analyze.pyc
@@ -9854,5 +9862,7 @@
@dirrm %%ZOPEBASEDIR%%/skel/etc/package-includes
@dirrm %%ZOPEBASEDIR%%/skel/etc
@dirrm %%ZOPEBASEDIR%%/skel
+ at dirrm %%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests
+ at dirrm %%ZOPEBASEDIR%%/Products/Hotfix_20070320
@dirrmtry %%ZOPEBASEDIR%%/Products
@dirrmtry %%ZOPEBASEDIR%%
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list