pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2008Q1]: pkgsrc/devel/bugzilla pullup ticket #2380 - requested...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/7f0747d2447f
branches:  pkgsrc-2008Q1
changeset: 540345:7f0747d2447f
user:      rtr <rtr%pkgsrc.org@localhost>
date:      Thu May 15 10:33:01 2008 +0000

description:
pullup ticket #2380 - requested by adrianp
bugzilla: update for cross-site scripting vulnerability

revisions pulled up:
- pkgsrc/devel/bugzilla/Makefile
- pkgsrc/devel/bugzilla/PLIST
- pkgsrc/devel/bugzilla/distinfo

   Module Name: pkgsrc
   Committed By:        adrianp
   Date:                Tue May  6 19:36:39 UTC 2008

   Modified Files:
        pkgsrc/devel/bugzilla: Makefile PLIST distinfo

   Log Message:
   2.22.4

   Class:       Cross-Site Scripting
   Versions:    2.17.2 and higher
   Description: When using the "Format for Printing" view of a bug (or
               the "Long Format" of a bug list, which is the same thing),
             there was a cross-site scripting hole--arbitrary text
             from a particular URL parameter could be injected into the
             page without filtering.

diffstat:

 devel/bugzilla/Makefile |  6 ++++--
 devel/bugzilla/PLIST    |  6 ++++--
 devel/bugzilla/distinfo |  8 ++++----
 3 files changed, 12 insertions(+), 8 deletions(-)

diffs (63 lines):

diff -r f172734fadf3 -r 7f0747d2447f devel/bugzilla/Makefile
--- a/devel/bugzilla/Makefile   Thu May 15 10:06:10 2008 +0000
+++ b/devel/bugzilla/Makefile   Thu May 15 10:33:01 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.28 2008/03/03 17:45:34 jlam Exp $
+# $NetBSD: Makefile,v 1.28.2.1 2008/05/15 10:33:01 rtr Exp $
 #
 
-DISTNAME=      bugzilla-2.22.3
+DISTNAME=      bugzilla-2.22.4
 CATEGORIES=    www devel
 MASTER_SITES=  ${MASTER_SITE_MOZILLA_ALL:=webtools/}
 
@@ -9,6 +9,8 @@
 HOMEPAGE=      http://www.bugzilla.org/
 COMMENT=       Web based bug tracking system
 
+CONFLICTS+=    bugzilla-3.[0-9]*
+
 DEPENDS+=      p5-AppConfig>=1.52:../../devel/p5-AppConfig
 DEPENDS+=      p5-CGI>=2.93:../../www/p5-CGI
 DEPENDS+=      p5-DBI>=1.38:../../databases/p5-DBI
diff -r f172734fadf3 -r 7f0747d2447f devel/bugzilla/PLIST
--- a/devel/bugzilla/PLIST      Thu May 15 10:06:10 2008 +0000
+++ b/devel/bugzilla/PLIST      Thu May 15 10:33:01 2008 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.13 2007/08/25 09:49:34 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.13.6.1 2008/05/15 10:33:01 rtr Exp $
 share/bugzilla/Bugzilla.pm
 share/bugzilla/Bugzilla/Attachment.pm
 share/bugzilla/Bugzilla/Auth.pm
@@ -70,6 +70,9 @@
 share/bugzilla/createaccount.cgi
 share/bugzilla/describecomponents.cgi
 share/bugzilla/describekeywords.cgi
+share/bugzilla/docs/html/keywords.html
+share/bugzilla/docs/html/sanitycheck.html
+share/bugzilla/docs/html/x767.html
 share/bugzilla/docs/html/Bugzilla-Guide.html
 share/bugzilla/docs/html/about.html
 share/bugzilla/docs/html/administration.html
@@ -156,7 +159,6 @@
 share/bugzilla/docs/html/versions.html
 share/bugzilla/docs/html/voting.html
 share/bugzilla/docs/html/whining.html
-share/bugzilla/docs/html/x763.html
 share/bugzilla/duplicates.cgi
 share/bugzilla/duplicates.xul
 share/bugzilla/editclassifications.cgi
diff -r f172734fadf3 -r 7f0747d2447f devel/bugzilla/distinfo
--- a/devel/bugzilla/distinfo   Thu May 15 10:06:10 2008 +0000
+++ b/devel/bugzilla/distinfo   Thu May 15 10:33:01 2008 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.14 2007/08/25 09:49:34 adrianp Exp $
+$NetBSD: distinfo,v 1.14.6.1 2008/05/15 10:33:01 rtr Exp $
 
-SHA1 (bugzilla-2.22.3.tar.gz) = 461d1a754cdc4a9e26fc6936c48fbd7cf71fab14
-RMD160 (bugzilla-2.22.3.tar.gz) = 787f84e343297b1a8caee8310354e01f7c8cc2f8
-Size (bugzilla-2.22.3.tar.gz) = 1940974 bytes
+SHA1 (bugzilla-2.22.4.tar.gz) = 37b53606e04f00d21460f03f27c9a2dd2fda2820
+RMD160 (bugzilla-2.22.4.tar.gz) = bb5850ffcf85e08b18393569341255edfdd9d672
+Size (bugzilla-2.22.4.tar.gz) = 2114034 bytes
 SHA1 (patch-aa) = 1139740aac7497c85f274ae4153a867abe8194a2



Home | Main Index | Thread Index | Old Index