svn commit: r358641 - head/databases/phpmyadmin

Matthew Seaman matthew at FreeBSD.org
Fri Jun 20 22:03:03 UTC 2014 

Author: matthew
Date: Fri Jun 20 22:03:01 2014
New Revision: 358641
URL: http://svnweb.freebsd.org/changeset/ports/358641
QAT: https://qat.redports.org/buildarchive/r358641/

Log:
  Security update to 4.2.4
  
    - while here switch plist to use @sample
  
  The advisories: PMASA-2014-2 and PMASA-2014-3, have not been published
  yet, so there is very little concrete information about what the
  security problems are. About all there is comes from the change log,
  where the security issues are listed as:
  
  - bug #4464 [security] XSS injection due to unescaped db/table name in navigation hiding
  - bug #4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables
  
  ChaneLog:	http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view
  MFH:		2014Q2

Modified:
  head/databases/phpmyadmin/Makefile
  head/databases/phpmyadmin/distinfo
  head/databases/phpmyadmin/pkg-plist-chunk

Modified: head/databases/phpmyadmin/Makefile
==============================================================================
--- head/databases/phpmyadmin/Makefile	Fri Jun 20 21:54:10 2014	(r358640)
+++ head/databases/phpmyadmin/Makefile	Fri Jun 20 22:03:01 2014	(r358641)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	phpMyAdmin
-DISTVERSION=	4.2.3
-PORTREVISION=	1
+DISTVERSION=	4.2.4
 CATEGORIES=	databases www
 MASTER_SITES=	SF/${PORTNAME:tl}/${PORTNAME}/${DISTVERSION}
 DISTNAME=	${PORTNAME}-${DISTVERSION}-all-languages

Modified: head/databases/phpmyadmin/distinfo
==============================================================================
--- head/databases/phpmyadmin/distinfo	Fri Jun 20 21:54:10 2014	(r358640)
+++ head/databases/phpmyadmin/distinfo	Fri Jun 20 22:03:01 2014	(r358641)
@@ -1,2 +1,2 @@
-SHA256 (phpMyAdmin-4.2.3-all-languages.tar.xz) = 0d96a4009494ef3a6f6b6dc2ca049251945b60350df99b72700c90850f05af48
-SIZE (phpMyAdmin-4.2.3-all-languages.tar.xz) = 5092112
+SHA256 (phpMyAdmin-4.2.4-all-languages.tar.xz) = aebcd7cfabd4993405340ecb2b76ce0cb4ab345a817ae7c371a830e22b2c2513
+SIZE (phpMyAdmin-4.2.4-all-languages.tar.xz) = 5176840

Modified: head/databases/phpmyadmin/pkg-plist-chunk
==============================================================================
--- head/databases/phpmyadmin/pkg-plist-chunk	Fri Jun 20 21:54:10 2014	(r358640)
+++ head/databases/phpmyadmin/pkg-plist-chunk	Fri Jun 20 22:03:01 2014	(r358641)
@@ -1,7 +1,5 @@
 @mode 640
 @group %%PMA_GRP%%
- at unexec if cmp -s %D/%%WWWDIR%%/config.inc.php.sample %D/%%WWWDIR%%/config.inc.php ; then rm -f %D/%%WWWDIR%%/config.inc.php ; fi
-%%WWWDIR%%/config.inc.php.sample
- at exec [ ! -f %B/config.inc.php ] && cp -p %B/%f %B/config.inc.php || true
+ at sample %%WWWDIR%%/config.inc.php.sample
 @mode
 @group

More information about the svn-ports-all mailing list