pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2012Q1]: pkgsrc/devel/rt3 Pullup ticket #3808 - requested by spz
details: https://anonhg.NetBSD.org/pkgsrc/rev/ef0a98e67647
branches: pkgsrc-2012Q1
changeset: 602137:ef0a98e67647
user: tron <tron%pkgsrc.org@localhost>
date: Mon May 28 10:50:59 2012 +0000
description:
Pullup ticket #3808 - requested by spz
devel/rt3: security update
Revisions pulled up:
- devel/rt3/Makefile 1.49
- devel/rt3/Makefile.install 1.18
- devel/rt3/PLIST 1.21
- devel/rt3/distinfo 1.22
- devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm deleted
- devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm deleted
- devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm deleted
- devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html deleted
- devel/rt3/patches/patch-share_html_Search_Bulk.html deleted
- devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType deleted
- devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips deleted
---
Module Name: pkgsrc
Committed By: spz
Date: Fri May 25 19:55:44 UTC 2012
Modified Files:
pkgsrc/devel/rt3: Makefile Makefile.install PLIST distinfo
Removed Files:
pkgsrc/devel/rt3/patches: patch-lib_RT_Action_CreateTickets.pm
patch-lib_RT_Ticket__Overlay.pm
patch-lib_RT_Transaction__Overlay.pm
patch-share_html_Admin_CustomFields_Modify.html
patch-share_html_Search_Bulk.html
patch-share_html_Search_Elements_SelectChartType
patch-share_html_Ticket_Elements_PreviewScrips
Log Message:
Update RT to version 3.8.12:
Changes from 3.8.11 to 3.8.12:
This release, in addition to being a bugfix release, also resolves a
number of security vulnerabilities. It resolves CVE-2011-2082,
CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458,
CVE-2011-4459, and CVE-2011-4460.
* Upgrade prototype.js to version 1.7, for compatibility with google
charts.
* Remove ie7.js, which is no longer used.
* Ensure that TransactionBatch scripts are only run once.
Changes from 3.8.10 to 3.8.11:
This release contains a number of bugfixes and minor security updates
since the 3.8.10 release, most notably:
* Adjust FCGI dependency to one which resolves FCGI's CVE-2011-2766
* New WebHttpOnlyCookies option, enabled by default, which hides RT's
cookie from direct Javascript access.
* Compatibility with perl 5.12 and 5.14, by removing deprecated "for
qw(...)" and "defined %hash" syntax.
* MySQL 5.5 compatibility, by specifying ENGINE=InnoDB rather than
TYPE=InnoDB
* Ensure that RT::Interface::Web's _Overlay, _Local, and _Vendor files
are loaded correctly.
* Fix session cleaner for on-disk sessions, broken since 3.8.0.
* Ensure that only one "Based on" attribute is stored for each custom
field.
* Fix the loading of Shredder plugins, broken in 3.8.10.
diffstat:
devel/rt3/Makefile | 5 +-
devel/rt3/Makefile.install | 5 +-
devel/rt3/PLIST | 10 +-
devel/rt3/distinfo | 15 +--
devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm | 24 ----
devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm | 49 ----------
devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm | 15 ---
devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html | 15 ---
devel/rt3/patches/patch-share_html_Search_Bulk.html | 31 ------
devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType | 15 ---
devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips | 42 --------
11 files changed, 13 insertions(+), 213 deletions(-)
diffs (truncated from 324 to 300 lines):
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/Makefile
--- a/devel/rt3/Makefile Mon May 28 09:57:24 2012 +0000
+++ b/devel/rt3/Makefile Mon May 28 10:50:59 2012 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.48 2011/10/25 19:38:09 spz Exp $
+# $NetBSD: Makefile,v 1.48.4.1 2012/05/28 10:50:59 tron Exp $
-DISTNAME= rt-3.8.10
-PKGREVISION= 1
+DISTNAME= rt-3.8.12
CATEGORIES= devel
MASTER_SITES= http://download.bestpractical.com/pub/rt/release/
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/Makefile.install
--- a/devel/rt3/Makefile.install Mon May 28 09:57:24 2012 +0000
+++ b/devel/rt3/Makefile.install Mon May 28 10:50:59 2012 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.install,v 1.17 2011/02/27 17:05:57 spz Exp $
+# $NetBSD: Makefile.install,v 1.17.10.1 2012/05/28 10:50:59 tron Exp $
.include "dirs.mk"
@@ -67,7 +67,8 @@
upgrade/vulnerable-passwords
RT_UPGRADE_DIRS= 3.3.0 3.3.11 3.5.1 3.7.1 3.7.3 3.7.10 3.7.15 \
3.7.19 3.7.81 3.7.82 3.7.85 3.7.86 3.7.87 \
- 3.8.0 3.8.1 3.8.2 3.8.3 3.8.4 3.8.6 3.8.8 3.8.9
+ 3.8.0 3.8.1 3.8.2 3.8.3 3.8.4 3.8.6 3.8.8 3.8.9 \
+ 3.8.12
MESSAGE_SUBST+= RTVARDIR=${RT_VAR_DIR:Q} RTSHAREDIR=${RT_SHARE_DIR:Q}
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/PLIST
--- a/devel/rt3/PLIST Mon May 28 09:57:24 2012 +0000
+++ b/devel/rt3/PLIST Mon May 28 10:50:59 2012 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.20 2011/04/16 09:41:19 spz Exp $
+@comment $NetBSD: PLIST,v 1.20.8.1 2012/05/28 10:50:59 tron Exp $
bin/mason_handler.fcgi
${PLIST.speedycgi}bin/mason_handler.scgi
bin/mason_handler.svc
@@ -330,6 +330,7 @@
share/rt3/etc/upgrade/3.8.6/content
share/rt3/etc/upgrade/3.8.8/content
share/rt3/etc/upgrade/3.8.9/content
+share/rt3/etc/upgrade/3.8.12/content
share/rt3/etc/vulnerable-passwords
share/rt3/html/Admin/CustomFields/GroupRights.html
share/rt3/html/Admin/CustomFields/Modify.html
@@ -468,6 +469,7 @@
share/rt3/html/Download/Tabular/dhandler
share/rt3/html/Elements/BevelBoxRaisedEnd
share/rt3/html/Elements/BevelBoxRaisedStart
+share/rt3/html/Elements/CSRF
share/rt3/html/Elements/Callback
share/rt3/html/Elements/Checkbox
share/rt3/html/Elements/CollectionAsTable/Header
@@ -1023,11 +1025,6 @@
share/rt3/html/NoAuth/images/favicon.png
share/rt3/html/NoAuth/images/star.gif
share/rt3/html/NoAuth/images/test.png
-share/rt3/html/NoAuth/js/IE7/IE7.js
-share/rt3/html/NoAuth/js/IE7/IE8.js
-share/rt3/html/NoAuth/js/IE7/blank.gif
-share/rt3/html/NoAuth/js/IE7/ie7-recalc.js
-share/rt3/html/NoAuth/js/IE7/ie7-squish.js
share/rt3/html/NoAuth/js/ahah.js
share/rt3/html/NoAuth/js/autohandler
share/rt3/html/NoAuth/js/cascaded.js
@@ -1212,3 +1209,4 @@
share/rt3/html/dhandler
share/rt3/html/index.html
share/rt3/html/l
+share/rt3/html/l_unsafe
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/distinfo
--- a/devel/rt3/distinfo Mon May 28 09:57:24 2012 +0000
+++ b/devel/rt3/distinfo Mon May 28 10:50:59 2012 +0000
@@ -1,23 +1,16 @@
-$NetBSD: distinfo,v 1.21 2011/10/25 19:38:09 spz Exp $
+$NetBSD: distinfo,v 1.21.4.1 2012/05/28 10:51:00 tron Exp $
-SHA1 (rt-3.8.10.tar.gz) = 98678a4ce4dbdfb13ceeeb88236d49bd0f5562c7
-RMD160 (rt-3.8.10.tar.gz) = 779ba2e04e87d20f30b03a9e7348c23b09062038
-Size (rt-3.8.10.tar.gz) = 5642566 bytes
+SHA1 (rt-3.8.12.tar.gz) = aa657de2fd687c51f31216df6dc1f639a0bc1f7c
+RMD160 (rt-3.8.12.tar.gz) = fa6b251aa1c7851a35243181c3b802a668c1e0ba
+Size (rt-3.8.12.tar.gz) = 5730029 bytes
SHA1 (patch-aa) = 6f78710f4460a25c75afbdf7128c0fe34914927c
SHA1 (patch-ab) = ee455dd683c84d3a745a29a132e28903ba03144d
SHA1 (patch-lib_RT.pm) = f72c6cb6f94acf1296076423d26d7efa4ed78293
-SHA1 (patch-lib_RT_Action_CreateTickets.pm) = d9cac2c0b9125835edf303b203e067ce087e90d7
SHA1 (patch-lib_RT_CustomFieldValues_External.pm) = 4404ca98c9e50687323892df1aa95c8b5a6dedd9
SHA1 (patch-lib_RT_Interface_Email.pm) = 60d0c2c46ac3dc8172bdf16bbf43099b7dd87542
SHA1 (patch-lib_RT_Interface_Email_Auth_GnuPG.pm) = c78c1894a0c058082784a3790fc87684d6a4431c
-SHA1 (patch-lib_RT_Ticket__Overlay.pm) = e39ef54a28f08d34ebf7c7bc3d410e8c1064177e
-SHA1 (patch-lib_RT_Transaction__Overlay.pm) = aad3ea7fb62798e63cee20e82b6cc8e4f11a3f44
SHA1 (patch-sbin_rt-attributes-viewer) = e1c963800b76282cda4ca46e006f30d9abfc29c9
SHA1 (patch-sbin_rt-attributes-viewer.in) = 99a15cca9a394b5743edc3929f43593f1384c8da
-SHA1 (patch-share_html_Admin_CustomFields_Modify.html) = ab8109ff5b2c39f02dc0058d00bc9c4264b58bc7
SHA1 (patch-share_html_Helpers_CalPopup.html) = 3920ac6448d1d21c7ff32ef67344b19aa53616a4
-SHA1 (patch-share_html_Search_Bulk.html) = a08fa8cfbe641ae4d174117167c4f4be97f9151f
-SHA1 (patch-share_html_Search_Elements_SelectChartType) = 0aa993c9f909634da4e65e37dd59afd6531dde01
-SHA1 (patch-share_html_Ticket_Elements_PreviewScrips) = caaccc926bb92d9e7a4fd24bfc6b47263c5dd028
SHA1 (patch-t_approval_admincc.t) = 4fddf5fa844d15e8698e00fe6863daaafa661315
SHA1 (patch-t_approval_basic.t) = 209303cc34370518a2600e28570627e1dc7e698b
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm
--- a/devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-$NetBSD: patch-lib_RT_Action_CreateTickets.pm,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- lib/RT/Action/CreateTickets.pm.orig 2011-04-14 00:32:21.000000000 +0000
-+++ lib/RT/Action/CreateTickets.pm
-@@ -723,7 +723,7 @@ sub ParseLines {
- }
- }
-
-- foreach my $date qw(due starts started resolved) {
-+ foreach my $date ( qw(due starts started resolved) ) {
- my $dateobj = RT::Date->new( $self->CurrentUser );
- next unless $args{$date};
- if ( $args{$date} =~ /^\d+$/ ) {
-@@ -1080,7 +1080,7 @@ sub UpdateWatchers {
-
- my @results;
-
-- foreach my $type qw(Requestor Cc AdminCc) {
-+ foreach my $type ( qw(Requestor Cc AdminCc) ) {
- my $method = $type . 'Addresses';
- my $oldaddr = $ticket->$method;
-
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm
--- a/devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,49 +0,0 @@
-$NetBSD: patch-lib_RT_Ticket__Overlay.pm,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- lib/RT/Ticket_Overlay.pm.orig 2011-04-14 00:32:21.000000000 +0000
-+++ lib/RT/Ticket_Overlay.pm
-@@ -471,13 +471,13 @@ sub Create {
- );
-
- # Parameters passed in during an import that we probably don't want to touch, otherwise
-- foreach my $attr qw(id Creator Created LastUpdated LastUpdatedBy) {
-+ foreach my $attr ( qw(id Creator Created LastUpdated LastUpdatedBy) ) {
- $params{$attr} = $args{$attr} if $args{$attr};
- }
-
- # Delete null integer parameters
- foreach my $attr
-- qw(TimeWorked TimeLeft TimeEstimated InitialPriority FinalPriority)
-+ ( qw(TimeWorked TimeLeft TimeEstimated InitialPriority FinalPriority) )
- {
- delete $params{$attr}
- unless ( exists $params{$attr} && $params{$attr} );
-@@ -745,7 +745,7 @@ sub _Parse822HeadersForAttributes {
-
- }
-
-- foreach my $date qw(due starts started resolved) {
-+ foreach my $date ( qw(due starts started resolved) ) {
- my $dateobj = RT::Date->new($RT::SystemUser);
- if ( defined ($args{$date}) and $args{$date} =~ /^\d+$/ ) {
- $dateobj->Set( Format => 'unix', Value => $args{$date} );
-@@ -2600,7 +2600,7 @@ sub MergeInto {
- }
-
- # Update time fields
-- foreach my $type qw(TimeEstimated TimeWorked TimeLeft) {
-+ foreach my $type ( qw(TimeEstimated TimeWorked TimeLeft) ) {
-
- my $mutator = "Set$type";
- $MergeInto->$mutator(
-@@ -2608,7 +2608,7 @@ sub MergeInto {
-
- }
- #add all of this ticket's watchers to that ticket.
-- foreach my $watcher_type qw(Requestors Cc AdminCc) {
-+ foreach my $watcher_type ( qw(Requestors Cc AdminCc) ) {
-
- my $people = $self->$watcher_type->MembersObj;
- my $addwatcher_type = $watcher_type;
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm
--- a/devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-lib_RT_Transaction__Overlay.pm,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- lib/RT/Transaction_Overlay.pm.orig 2011-04-14 00:32:21.000000000 +0000
-+++ lib/RT/Transaction_Overlay.pm
-@@ -144,7 +144,7 @@ sub Create {
- );
-
- # Parameters passed in during an import that we probably don't want to touch, otherwise
-- foreach my $attr qw(id Creator Created LastUpdated TimeTaken LastUpdatedBy) {
-+ foreach my $attr ( qw(id Creator Created LastUpdated TimeTaken LastUpdatedBy) ) {
- $params{$attr} = $args{$attr} if ($args{$attr});
- }
-
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html
--- a/devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-share_html_Admin_CustomFields_Modify.html,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- share/html/Admin/CustomFields/Modify.html.orig 2011-04-14 00:32:21.000000000 +0000
-+++ share/html/Admin/CustomFields/Modify.html
-@@ -196,7 +196,7 @@ if ( $ARGS{'Update'} && $id ne 'new' ) {
- # Update any existing values
- my $values = $CustomFieldObj->ValuesObj;
- while ( my $value = $values->Next ) {
-- foreach my $attr qw(Name Description SortOrder Category) {
-+ foreach my $attr ( qw(Name Description SortOrder Category) ) {
- my $param = join("-", $paramtag, $value->Id, $attr);
- next unless exists $ARGS{$param};
- $ARGS{$param} =~ s/^\s+//;
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-share_html_Search_Bulk.html
--- a/devel/rt3/patches/patch-share_html_Search_Bulk.html Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,31 +0,0 @@
-$NetBSD: patch-share_html_Search_Bulk.html,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- share/html/Search/Bulk.html.orig 2011-04-14 00:32:21.000000000 +0000
-+++ share/html/Search/Bulk.html
-@@ -60,7 +60,7 @@
-
- <& /Elements/ListActions, actions => \@results &>
- <form method="post" action="<% RT->Config->Get('WebPath') %>/Search/Bulk.html" enctype="multipart/form-data">
--% foreach my $var qw(Query Format OrderBy Order Rows Page SavedChartSearchId) {
-+% foreach my $var ( qw(Query Format OrderBy Order Rows Page SavedChartSearchId) ) {
- <input type="hidden" class="hidden" name="<%$var%>" value="<%$ARGS{$var} || ''%>" />
- %}
- <& /Elements/CollectionList,
-@@ -358,13 +358,13 @@ unless ( $ARGS{'AddMoreAttach'} ) {
- my @watchresults =
- ProcessTicketWatchers( TicketObj => $Ticket, ARGSRef => \%ARGS );
-
-- foreach my $type qw(MergeInto DependsOn MemberOf RefersTo) {
-+ foreach my $type ( qw(MergeInto DependsOn MemberOf RefersTo) ) {
- $ARGS{ $Ticket->id . "-" . $type } = $ARGS{"Ticket-$type"};
- $ARGS{ $type . "-" . $Ticket->id } = $ARGS{"$type-Ticket"};
- }
- @linkresults =
- ProcessTicketLinks( TicketObj => $Ticket, ARGSRef => \%ARGS );
-- foreach my $type qw(MergeInto DependsOn MemberOf RefersTo) {
-+ foreach my $type ( qw(MergeInto DependsOn MemberOf RefersTo) ) {
- delete $ARGS{ $type . "-" . $Ticket->id };
- delete $ARGS{ $Ticket->id . "-" . $type };
- }
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType
--- a/devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-share_html_Search_Elements_SelectChartType,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- share/html/Search/Elements/SelectChartType.orig 2011-04-14 00:32:21.000000000 +0000
-+++ share/html/Search/Elements/SelectChartType
-@@ -50,7 +50,7 @@ $Name => 'ChartType'
- $Default => 'bar'
- </%args>
- <select id="<%$Name%>" name="<%$Name%>">
--% foreach my $option qw(bar pie) {
-+% foreach my $option ( qw(bar pie) ) {
- % # 'bar' # loc
- % # 'pie' # loc
- <option value="<%$option%>"<% $option eq $Default ? qq[ selected="selected"] : '' |n %>><%loc($option)%></option>
diff -r 3f90368907ab -r ef0a98e67647 devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips
--- a/devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips Mon May 28 09:57:24 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,42 +0,0 @@
-$NetBSD: patch-share_html_Ticket_Elements_PreviewScrips,v 1.1 2011/10/25 19:38:10 spz Exp $
-
-perl 5.14 qw() in for* fixes
-
---- share/html/Ticket/Elements/PreviewScrips.orig 2011-04-14 00:32:21.000000000 +0000
-+++ share/html/Ticket/Elements/PreviewScrips
-@@ -65,7 +65,7 @@ my @non_recipients = @{ $squelch{'EmailA
- <b><% $scrip->Description || loc('Scrip #[_1]',$scrip->id) %></b><br />
- <&|/l, loc($scrip->ConditionObj->Name), loc($scrip->ActionObj->Name), loc($scrip->TemplateObj->Name)&>[_1] [_2] with template [_3]</&>
- <br />
--%foreach my $type qw(To Cc Bcc) {
-+%foreach my $type ( qw(To Cc Bcc) ) {
- %my @addresses = $scrip->ActionObj->Action->$type();
- <ul>
- %foreach my $addr (@addresses) {
-@@ -90,7 +90,7 @@ my @non_recipients = @{ $squelch{'EmailA
- % next unless $rule->{hints} && $rule->{hints}{class} eq 'SendEmail';
- <b><% $rule->Describe %></b>
Home |
Main Index |
Thread Index |
Old Index