pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2008Q1]: pkgsrc/devel/bugzilla pullup ticket #2380 - requested...
details: https://anonhg.NetBSD.org/pkgsrc/rev/7f0747d2447f
branches: pkgsrc-2008Q1
changeset: 540345:7f0747d2447f
user: rtr <rtr%pkgsrc.org@localhost>
date: Thu May 15 10:33:01 2008 +0000
description:
pullup ticket #2380 - requested by adrianp
bugzilla: update for cross-site scripting vulnerability
revisions pulled up:
- pkgsrc/devel/bugzilla/Makefile
- pkgsrc/devel/bugzilla/PLIST
- pkgsrc/devel/bugzilla/distinfo
Module Name: pkgsrc
Committed By: adrianp
Date: Tue May 6 19:36:39 UTC 2008
Modified Files:
pkgsrc/devel/bugzilla: Makefile PLIST distinfo
Log Message:
2.22.4
Class: Cross-Site Scripting
Versions: 2.17.2 and higher
Description: When using the "Format for Printing" view of a bug (or
the "Long Format" of a bug list, which is the same thing),
there was a cross-site scripting hole--arbitrary text
from a particular URL parameter could be injected into the
page without filtering.
diffstat:
devel/bugzilla/Makefile | 6 ++++--
devel/bugzilla/PLIST | 6 ++++--
devel/bugzilla/distinfo | 8 ++++----
3 files changed, 12 insertions(+), 8 deletions(-)
diffs (63 lines):
diff -r f172734fadf3 -r 7f0747d2447f devel/bugzilla/Makefile
--- a/devel/bugzilla/Makefile Thu May 15 10:06:10 2008 +0000
+++ b/devel/bugzilla/Makefile Thu May 15 10:33:01 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.28 2008/03/03 17:45:34 jlam Exp $
+# $NetBSD: Makefile,v 1.28.2.1 2008/05/15 10:33:01 rtr Exp $
#
-DISTNAME= bugzilla-2.22.3
+DISTNAME= bugzilla-2.22.4
CATEGORIES= www devel
MASTER_SITES= ${MASTER_SITE_MOZILLA_ALL:=webtools/}
@@ -9,6 +9,8 @@
HOMEPAGE= http://www.bugzilla.org/
COMMENT= Web based bug tracking system
+CONFLICTS+= bugzilla-3.[0-9]*
+
DEPENDS+= p5-AppConfig>=1.52:../../devel/p5-AppConfig
DEPENDS+= p5-CGI>=2.93:../../www/p5-CGI
DEPENDS+= p5-DBI>=1.38:../../databases/p5-DBI
diff -r f172734fadf3 -r 7f0747d2447f devel/bugzilla/PLIST
--- a/devel/bugzilla/PLIST Thu May 15 10:06:10 2008 +0000
+++ b/devel/bugzilla/PLIST Thu May 15 10:33:01 2008 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.13 2007/08/25 09:49:34 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.13.6.1 2008/05/15 10:33:01 rtr Exp $
share/bugzilla/Bugzilla.pm
share/bugzilla/Bugzilla/Attachment.pm
share/bugzilla/Bugzilla/Auth.pm
@@ -70,6 +70,9 @@
share/bugzilla/createaccount.cgi
share/bugzilla/describecomponents.cgi
share/bugzilla/describekeywords.cgi
+share/bugzilla/docs/html/keywords.html
+share/bugzilla/docs/html/sanitycheck.html
+share/bugzilla/docs/html/x767.html
share/bugzilla/docs/html/Bugzilla-Guide.html
share/bugzilla/docs/html/about.html
share/bugzilla/docs/html/administration.html
@@ -156,7 +159,6 @@
share/bugzilla/docs/html/versions.html
share/bugzilla/docs/html/voting.html
share/bugzilla/docs/html/whining.html
-share/bugzilla/docs/html/x763.html
share/bugzilla/duplicates.cgi
share/bugzilla/duplicates.xul
share/bugzilla/editclassifications.cgi
diff -r f172734fadf3 -r 7f0747d2447f devel/bugzilla/distinfo
--- a/devel/bugzilla/distinfo Thu May 15 10:06:10 2008 +0000
+++ b/devel/bugzilla/distinfo Thu May 15 10:33:01 2008 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.14 2007/08/25 09:49:34 adrianp Exp $
+$NetBSD: distinfo,v 1.14.6.1 2008/05/15 10:33:01 rtr Exp $
-SHA1 (bugzilla-2.22.3.tar.gz) = 461d1a754cdc4a9e26fc6936c48fbd7cf71fab14
-RMD160 (bugzilla-2.22.3.tar.gz) = 787f84e343297b1a8caee8310354e01f7c8cc2f8
-Size (bugzilla-2.22.3.tar.gz) = 1940974 bytes
+SHA1 (bugzilla-2.22.4.tar.gz) = 37b53606e04f00d21460f03f27c9a2dd2fda2820
+RMD160 (bugzilla-2.22.4.tar.gz) = bb5850ffcf85e08b18393569341255edfdd9d672
+Size (bugzilla-2.22.4.tar.gz) = 2114034 bytes
SHA1 (patch-aa) = 1139740aac7497c85f274ae4153a867abe8194a2
Home |
Main Index |
Thread Index |
Old Index