svn commit: r370400 - in branches/2014Q4/devel/bugzilla44: . files
Olli Hauer
ohauer at FreeBSD.org
Tue Oct 7 21:41:34 UTC 2014
Author: ohauer
Date: Tue Oct 7 21:41:32 2014
New Revision: 370400
URL: https://svnweb.freebsd.org/changeset/ports/370400
QAT: https://qat.redports.org/buildarchive/r370400/
Log:
- remove FreeBSD-specific bits
- bump PORTREVISION
PR: 194123
Submitted by: mva
Reviewed by: eadler
MFH: r370211
- update to bugzilla 4.4.6
Summary
=======
The following security issues have been discovered in Bugzilla:
* The 'realname' parameter is not correctly filtered on user account
creation, which could lead to user data override.
* Several places were found in the Bugzilla code where cross-site
scripting attacks could be used to access sensitive information.
* Private comments can be shown to flagmail recipients who aren't in
the insider group
* Specially formatted values in a CSV search results export could be
used in spreadsheet software to attack a user's computer.
Security: CVE-2014-1572
CVE-2014-1571
CVE-2014-1571
MFH: r370268
- add CPE information
[1] additional MFH revisions: r370209, 370211
Approved by: portmgr (erwin)
Deleted:
branches/2014Q4/devel/bugzilla44/files/freebsd-project-ldap.diff
Modified:
branches/2014Q4/devel/bugzilla44/Makefile
branches/2014Q4/devel/bugzilla44/Makefile.options
branches/2014Q4/devel/bugzilla44/distinfo
branches/2014Q4/devel/bugzilla44/pkg-plist
Directory Properties:
branches/2014Q4/ (props changed)
Modified: branches/2014Q4/devel/bugzilla44/Makefile
==============================================================================
--- branches/2014Q4/devel/bugzilla44/Makefile Tue Oct 7 21:34:45 2014 (r370399)
+++ branches/2014Q4/devel/bugzilla44/Makefile Tue Oct 7 21:41:32 2014 (r370400)
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 4.4.5
+PORTVERSION= 4.4.6
CATEGORIES= devel
MASTER_SITES= BUGZILLA
MASTER_SITE_SUBDIR= webtools webtools/archived
@@ -25,9 +25,11 @@ RUN_DEPENDS= \
p5-TimeDate>=1.19:${PORTSDIR}/devel/p5-TimeDate \
p5-URI>=1.37:${PORTSDIR}/net/p5-URI
-USES= perl5
+USES= perl5 cpe
USE_PERL5= patch build run
+CPE_VENDOR= mozilla
+
SUB_FILES= pkg-message
DATA_DIRS_LIST= images js skins
@@ -49,7 +51,7 @@ RUN_DEPENDS+= p5-DBD-mysql>=4.0001:${POR
.endif
.if ${PORT_OPTIONS:MPGSQL}
-USE_PGSQL= yes
+USES+= pgsql
RUN_DEPENDS+= p5-DBD-Pg>=2.19.3:${PORTSDIR}/databases/p5-DBD-Pg
.endif
@@ -154,10 +156,6 @@ RUN_DEPENDS+= p5-File-MimeInfo>=0.16:${P
p5-IO-stringy>=2.110:${PORTSDIR}/devel/p5-IO-stringy
.endif
-.if ${PORT_OPTIONS:MFREEBSD}
-EXTRA_PATCHES= ${FILESDIR}/freebsd-project-ldap.diff
-.endif
-
post-extract:
@${RM} -rf ${WRKSRC}/.bzr
@${RM} -f ${WRKSRC}/.bzrignore ${WRKSRC}/.gitignore ${WRKSRC}/.gitrev \
Modified: branches/2014Q4/devel/bugzilla44/Makefile.options
==============================================================================
--- branches/2014Q4/devel/bugzilla44/Makefile.options Tue Oct 7 21:34:45 2014 (r370399)
+++ branches/2014Q4/devel/bugzilla44/Makefile.options Tue Oct 7 21:41:32 2014 (r370400)
@@ -2,8 +2,7 @@
OPTIONS_DEFINE= \
DOCS \
- MODPERL \
- FREEBSD
+ MODPERL
OPTIONS_GROUP= UI DBBACKEND REPORTING ATTACHMENT EMAIL WEBSERVICE AUTH ADMIN
@@ -55,7 +54,6 @@ BMP2PNG_DESC= BMP Attachments to PNGs
CHARTING_MODULES_DESC= Bug charting support
CONTRIB_DESC= Install user-contributed scripts
EXPORT_IMPORT_DESC= Import/export bugs (via XML)
-FREEBSD_DESC= Patch used internally by the FreeBSD project
GRAPH_REPORTS_DESC= Graphical Reports
INBOUND_EMAIL_DESC= Inbound Email
JSONRPC_DESC= JSON-RPC Interface
Modified: branches/2014Q4/devel/bugzilla44/distinfo
==============================================================================
--- branches/2014Q4/devel/bugzilla44/distinfo Tue Oct 7 21:34:45 2014 (r370399)
+++ branches/2014Q4/devel/bugzilla44/distinfo Tue Oct 7 21:41:32 2014 (r370400)
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.4.5.tar.gz) = 70609fa5bbe55a3b802afcf749a098824d7a96dc87b91ce07b000cfdd7987da5
-SIZE (bugzilla/bugzilla-4.4.5.tar.gz) = 2955964
+SHA256 (bugzilla/bugzilla-4.4.6.tar.gz) = ac3547195f2ce156488aac2cc537620775e08a9d888441daab2b40ab66ab01f4
+SIZE (bugzilla/bugzilla-4.4.6.tar.gz) = 2956046
Modified: branches/2014Q4/devel/bugzilla44/pkg-plist
==============================================================================
--- branches/2014Q4/devel/bugzilla44/pkg-plist Tue Oct 7 21:34:45 2014 (r370399)
+++ branches/2014Q4/devel/bugzilla44/pkg-plist Tue Oct 7 21:41:32 2014 (r370400)
@@ -887,178 +887,14 @@
%%WWWDIR%%/whine.pl
%%WWWDIR%%/whineatnews.pl
%%WWWDIR%%/xmlrpc.cgi
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Auth
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Config
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/DB
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Field
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Install
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/JobQueue
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Search
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Template/Plugin
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Template
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User/Setting
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService/Server
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Whine
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/contrib
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/extensions
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images/callouts
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/pdf
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/txt
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/xml
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/xsl
-%%PORTDOCS%%@dirrm %%DOCSDIR%%
- at dirrm %%WWWDIR%%/Bugzilla/Attachment
- at dirrm %%WWWDIR%%/Bugzilla/Auth/Login
- at dirrm %%WWWDIR%%/Bugzilla/Auth/Persist
- at dirrm %%WWWDIR%%/Bugzilla/Auth/Verify
- at dirrm %%WWWDIR%%/Bugzilla/Auth
- at dirrm %%WWWDIR%%/Bugzilla/BugUrl/Bugzilla
- at dirrm %%WWWDIR%%/Bugzilla/BugUrl
- at dirrm %%WWWDIR%%/Bugzilla/Config
- at dirrm %%WWWDIR%%/Bugzilla/DB/Schema
- at dirrm %%WWWDIR%%/Bugzilla/DB
- at dirrm %%WWWDIR%%/Bugzilla/Field
- at dirrm %%WWWDIR%%/Bugzilla/Install
- at dirrm %%WWWDIR%%/Bugzilla/Job
- at dirrm %%WWWDIR%%/Bugzilla/JobQueue
- at dirrm %%WWWDIR%%/Bugzilla/Migrate
- at dirrm %%WWWDIR%%/Bugzilla/Search
- at dirrm %%WWWDIR%%/Bugzilla/Send
- at dirrm %%WWWDIR%%/Bugzilla/Template/Plugin
- at dirrm %%WWWDIR%%/Bugzilla/Template
- at dirrm %%WWWDIR%%/Bugzilla/User/Setting
- at dirrm %%WWWDIR%%/Bugzilla/User
- at dirrm %%WWWDIR%%/Bugzilla/WebService/Server
- at dirrm %%WWWDIR%%/Bugzilla/WebService
- at dirrm %%WWWDIR%%/Bugzilla/Whine
- at dirrmtry %%WWWDIR%%/Bugzilla
-%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
-%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
- at dirrmtry %%WWWDIR%%/contrib
- at dirrmtry %%WWWDIR%%/data
- at dirrmtry %%WWWDIR%%/graphs
- at dirrmtry %%WWWDIR%%/images
- at dirrm %%WWWDIR%%/js/history.js
- at dirrm %%WWWDIR%%/js/yui/animation
- at dirrm %%WWWDIR%%/js/yui/assets/skins/sam
- at dirrm %%WWWDIR%%/js/yui/assets/skins
- at dirrm %%WWWDIR%%/js/yui/assets
- at dirrm %%WWWDIR%%/js/yui/autocomplete
- at dirrm %%WWWDIR%%/js/yui/base
- at dirrm %%WWWDIR%%/js/yui/button
- at dirrm %%WWWDIR%%/js/yui/calendar
- at dirrm %%WWWDIR%%/js/yui/carousel
- at dirrm %%WWWDIR%%/js/yui/charts
- at dirrm %%WWWDIR%%/js/yui/colorpicker
- at dirrm %%WWWDIR%%/js/yui/connection
- at dirrm %%WWWDIR%%/js/yui/container
- at dirrm %%WWWDIR%%/js/yui/cookie
- at dirrm %%WWWDIR%%/js/yui/datasource
- at dirrm %%WWWDIR%%/js/yui/datatable
- at dirrm %%WWWDIR%%/js/yui/datemath
- at dirrm %%WWWDIR%%/js/yui/dom
- at dirrm %%WWWDIR%%/js/yui/dragdrop
- at dirrm %%WWWDIR%%/js/yui/element
- at dirrm %%WWWDIR%%/js/yui/element-delegate
- at dirrm %%WWWDIR%%/js/yui/event
- at dirrm %%WWWDIR%%/js/yui/event-delegate
- at dirrm %%WWWDIR%%/js/yui/event-mouseenter
- at dirrm %%WWWDIR%%/js/yui/event-simulate
- at dirrm %%WWWDIR%%/js/yui/fonts
- at dirrm %%WWWDIR%%/js/yui/get
- at dirrm %%WWWDIR%%/js/yui/grids
- at dirrm %%WWWDIR%%/js/yui/history
- at dirrm %%WWWDIR%%/js/yui/imagecropper
- at dirrm %%WWWDIR%%/js/yui/imageloader
- at dirrm %%WWWDIR%%/js/yui/json
- at dirrm %%WWWDIR%%/js/yui/layout
- at dirrm %%WWWDIR%%/js/yui/logger
- at dirrm %%WWWDIR%%/js/yui/menu
- at dirrm %%WWWDIR%%/js/yui/paginator
- at dirrm %%WWWDIR%%/js/yui/profiler
- at dirrm %%WWWDIR%%/js/yui/profilerviewer
- at dirrm %%WWWDIR%%/js/yui/progressbar
- at dirrm %%WWWDIR%%/js/yui/reset
- at dirrm %%WWWDIR%%/js/yui/reset-fonts
- at dirrm %%WWWDIR%%/js/yui/reset-fonts-grids
- at dirrm %%WWWDIR%%/js/yui/resize
- at dirrm %%WWWDIR%%/js/yui/selector
- at dirrm %%WWWDIR%%/js/yui/slider
- at dirrm %%WWWDIR%%/js/yui/storage
- at dirrm %%WWWDIR%%/js/yui/stylesheet
- at dirrm %%WWWDIR%%/js/yui/swf
- at dirrm %%WWWDIR%%/js/yui/swfdetect
- at dirrm %%WWWDIR%%/js/yui/swfstore
- at dirrm %%WWWDIR%%/js/yui/tabview
- at dirrm %%WWWDIR%%/js/yui/treeview
- at dirrm %%WWWDIR%%/js/yui/uploader
- at dirrm %%WWWDIR%%/js/yui/yahoo
- at dirrm %%WWWDIR%%/js/yui/yahoo-dom-event
- at dirrm %%WWWDIR%%/js/yui/yuiloader
- at dirrm %%WWWDIR%%/js/yui/yuitest
- at dirrm %%WWWDIR%%/js/yui
- at dirrm %%WWWDIR%%/js
- at dirrmtry %%WWWDIR%%/lib
- at dirrm %%WWWDIR%%/skins/contrib/Dusk
- at dirrm %%WWWDIR%%/skins/contrib
- at dirrm %%WWWDIR%%/skins/standard/dependency-tree
- at dirrm %%WWWDIR%%/skins/standard/global
- at dirrm %%WWWDIR%%/skins/standard/index
- at dirrm %%WWWDIR%%/skins/standard
- at dirrmtry %%WWWDIR%%/skins
- at dirrmtry %%WWWDIR%%/t
- at dirrm %%WWWDIR%%/template/en/default/account/auth
- at dirrm %%WWWDIR%%/template/en/default/account/email
- at dirrm %%WWWDIR%%/template/en/default/account/password
- at dirrm %%WWWDIR%%/template/en/default/account/prefs
- at dirrm %%WWWDIR%%/template/en/default/account
- at dirrm %%WWWDIR%%/template/en/default/admin/classifications
- at dirrm %%WWWDIR%%/template/en/default/admin/components
- at dirrm %%WWWDIR%%/template/en/default/admin/custom_fields
- at dirrm %%WWWDIR%%/template/en/default/admin/fieldvalues
- at dirrm %%WWWDIR%%/template/en/default/admin/flag-type
- at dirrm %%WWWDIR%%/template/en/default/admin/groups
- at dirrm %%WWWDIR%%/template/en/default/admin/keywords
- at dirrm %%WWWDIR%%/template/en/default/admin/milestones
- at dirrm %%WWWDIR%%/template/en/default/admin/params
- at dirrm %%WWWDIR%%/template/en/default/admin/products/groupcontrol
- at dirrm %%WWWDIR%%/template/en/default/admin/products
- at dirrm %%WWWDIR%%/template/en/default/admin/sanitycheck
- at dirrm %%WWWDIR%%/template/en/default/admin/settings
- at dirrm %%WWWDIR%%/template/en/default/admin/users
- at dirrm %%WWWDIR%%/template/en/default/admin/versions
- at dirrm %%WWWDIR%%/template/en/default/admin/workflow
- at dirrm %%WWWDIR%%/template/en/default/admin
- at dirrm %%WWWDIR%%/template/en/default/attachment
- at dirrm %%WWWDIR%%/template/en/default/bug/activity
- at dirrm %%WWWDIR%%/template/en/default/bug/create
- at dirrm %%WWWDIR%%/template/en/default/bug/process
- at dirrm %%WWWDIR%%/template/en/default/bug
- at dirrm %%WWWDIR%%/template/en/default/email
- at dirrm %%WWWDIR%%/template/en/default/extensions
- at dirrm %%WWWDIR%%/template/en/default/flag
- at dirrm %%WWWDIR%%/template/en/default/global
- at dirrm %%WWWDIR%%/template/en/default/list
- at dirrm %%WWWDIR%%/template/en/default/pages
- at dirrm %%WWWDIR%%/template/en/default/reports
- at dirrm %%WWWDIR%%/template/en/default/request
- at dirrm %%WWWDIR%%/template/en/default/search
- at dirrm %%WWWDIR%%/template/en/default/setup
- at dirrm %%WWWDIR%%/template/en/default/whine
- at dirrm %%WWWDIR%%/template/en/default
- at dirrm %%WWWDIR%%/template/en
- at dirrmtry %%WWWDIR%%/template
- at dirrmtry %%WWWDIR%%/xt
- at dirrmtry %%WWWDIR%%
+ at dir %%WWWDIR%%/Bugzilla
+ at dir %%WWWDIR%%/contrib
+ at dir %%WWWDIR%%/data
+ at dir %%WWWDIR%%/graphs
+ at dir %%WWWDIR%%/images
+ at dir %%WWWDIR%%/lib
+ at dir %%WWWDIR%%/skins
+ at dir %%WWWDIR%%/t
+ at dir %%WWWDIR%%/template
+ at dir %%WWWDIR%%/xt
+ at dir %%WWWDIR%%
More information about the svn-ports-all
mailing list