pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/devel/rt3 Update to the latest version in the rt3 trai...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/19748998f524
branches:  trunk
changeset: 610615:19748998f524
user:      spz <spz%pkgsrc.org@localhost>
date:      Wed Oct 31 20:39:26 2012 +0000

description:
Update to the latest version in the rt3 train. Contains security updates:

  3.8.15 Release Notes

   This release resolves a number of security vulnerabilities.
   It resolves CVE-2012-4730, CVE-2012-4732, CVE-2012-4734, CVE-2012-4735,
   and CVE-2012-4884.

   In addition to these security fixes, RT 3.8.15 contains support for
   partitioned PGP messages.

  3.8.14 Release Notes

   This release contains two fixes related to the 3.8.12 security release.

   Access to search results URLs is now CSRF whitelisted, based on user
   feedback.
   An error in rt-email-dashboards has been corrected.

  3.8.13 Release Notes

   This release contains an important bugfix over the 3.8.12 security
   release:

    * Fix sending email with the 'perl-script' mod_perl handler, by
      ensuring that STDIN was always on FD 0 before calling IPC::Open2.
      This failure showed as either SIGPIPE or abnormal exit codes when
      running sendmail.

    * Fix for "Undefined value assigned to typeglob" and "Bad file
      descriptor: core_output_filter" errors caused by the above change, by
      ensuring that both FD 0 and FD 1 are prevented from being claimed by
      Apache.  This error only arose with the perfork MPM and mod_perl <=
      2.0.4.

diffstat:

 devel/rt3/Makefile                                           |   5 +--
 devel/rt3/PLIST                                              |   3 +-
 devel/rt3/distinfo                                           |  10 ++++----
 devel/rt3/patches/patch-lib_RT_Interface_Email_Auth_GnuPG.pm |  13 ++++++-----
 4 files changed, 16 insertions(+), 15 deletions(-)

diffs (83 lines):

diff -r b6308f33e954 -r 19748998f524 devel/rt3/Makefile
--- a/devel/rt3/Makefile        Wed Oct 31 19:52:18 2012 +0000
+++ b/devel/rt3/Makefile        Wed Oct 31 20:39:26 2012 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.50 2012/10/03 21:55:55 wiz Exp $
+# $NetBSD: Makefile,v 1.51 2012/10/31 20:39:26 spz Exp $
 
-DISTNAME=              rt-3.8.12
-PKGREVISION=           1
+DISTNAME=              rt-3.8.15
 CATEGORIES=            devel
 MASTER_SITES=          http://download.bestpractical.com/pub/rt/release/
 
diff -r b6308f33e954 -r 19748998f524 devel/rt3/PLIST
--- a/devel/rt3/PLIST   Wed Oct 31 19:52:18 2012 +0000
+++ b/devel/rt3/PLIST   Wed Oct 31 20:39:26 2012 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.21 2012/05/25 19:55:43 spz Exp $
+@comment $NetBSD: PLIST,v 1.22 2012/10/31 20:39:26 spz Exp $
 bin/mason_handler.fcgi
 ${PLIST.speedycgi}bin/mason_handler.scgi
 bin/mason_handler.svc
@@ -506,6 +506,7 @@
 share/rt3/html/Elements/ListActions
 share/rt3/html/Elements/ListMenu
 share/rt3/html/Elements/Login
+share/rt3/html/Elements/LoginRedirectWarning
 share/rt3/html/Elements/Logo
 share/rt3/html/Elements/Logout
 share/rt3/html/Elements/MakeClicky
diff -r b6308f33e954 -r 19748998f524 devel/rt3/distinfo
--- a/devel/rt3/distinfo        Wed Oct 31 19:52:18 2012 +0000
+++ b/devel/rt3/distinfo        Wed Oct 31 20:39:26 2012 +0000
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.22 2012/05/25 19:55:43 spz Exp $
+$NetBSD: distinfo,v 1.23 2012/10/31 20:39:26 spz Exp $
 
-SHA1 (rt-3.8.12.tar.gz) = aa657de2fd687c51f31216df6dc1f639a0bc1f7c
-RMD160 (rt-3.8.12.tar.gz) = fa6b251aa1c7851a35243181c3b802a668c1e0ba
-Size (rt-3.8.12.tar.gz) = 5730029 bytes
+SHA1 (rt-3.8.15.tar.gz) = abb7b0d52cb9843e3154aeff2490211ddcdc59b8
+RMD160 (rt-3.8.15.tar.gz) = a9c32f8e255d47925760716d5ab97efe86381bd4
+Size (rt-3.8.15.tar.gz) = 5650409 bytes
 SHA1 (patch-aa) = 6f78710f4460a25c75afbdf7128c0fe34914927c
 SHA1 (patch-ab) = ee455dd683c84d3a745a29a132e28903ba03144d
 SHA1 (patch-lib_RT.pm) = f72c6cb6f94acf1296076423d26d7efa4ed78293
 SHA1 (patch-lib_RT_CustomFieldValues_External.pm) = 4404ca98c9e50687323892df1aa95c8b5a6dedd9
 SHA1 (patch-lib_RT_Interface_Email.pm) = 60d0c2c46ac3dc8172bdf16bbf43099b7dd87542
-SHA1 (patch-lib_RT_Interface_Email_Auth_GnuPG.pm) = c78c1894a0c058082784a3790fc87684d6a4431c
+SHA1 (patch-lib_RT_Interface_Email_Auth_GnuPG.pm) = 60d53a4dcda8f3cda14350f34f74fddc6091c3ce
 SHA1 (patch-sbin_rt-attributes-viewer) = e1c963800b76282cda4ca46e006f30d9abfc29c9
 SHA1 (patch-sbin_rt-attributes-viewer.in) = 99a15cca9a394b5743edc3929f43593f1384c8da
 SHA1 (patch-share_html_Helpers_CalPopup.html) = 3920ac6448d1d21c7ff32ef67344b19aa53616a4
diff -r b6308f33e954 -r 19748998f524 devel/rt3/patches/patch-lib_RT_Interface_Email_Auth_GnuPG.pm
--- a/devel/rt3/patches/patch-lib_RT_Interface_Email_Auth_GnuPG.pm      Wed Oct 31 19:52:18 2012 +0000
+++ b/devel/rt3/patches/patch-lib_RT_Interface_Email_Auth_GnuPG.pm      Wed Oct 31 20:39:26 2012 +0000
@@ -1,19 +1,20 @@
-$NetBSD: patch-lib_RT_Interface_Email_Auth_GnuPG.pm,v 1.1 2011/10/25 19:38:10 spz Exp $
+$NetBSD: patch-lib_RT_Interface_Email_Auth_GnuPG.pm,v 1.2 2012/10/31 20:39:26 spz Exp $
 
 perl 5.14 qw() in for* fixes
 
---- lib/RT/Interface/Email/Auth/GnuPG.pm.orig  2011-04-14 00:32:21.000000000 +0000
+--- lib/RT/Interface/Email/Auth/GnuPG.pm.orig  2012-10-25 20:19:10.000000000 +0000
 +++ lib/RT/Interface/Email/Auth/GnuPG.pm
-@@ -76,10 +76,10 @@ sub GetCurrentUser {
+@@ -76,11 +76,11 @@ sub GetCurrentUser {
      );
  
      foreach my $p ( $args{'Message'}->parts_DFS ) {
 -        $p->head->delete($_) for qw(
-+        $p->head->delete($_) for ( qw(
-             X-RT-GnuPG-Status X-RT-Incoming-Encrypton
++        $p->head->delete($_) for (qw(
+             X-RT-GnuPG-Status X-RT-Incoming-Encryption
              X-RT-Incoming-Signature X-RT-Privacy
+             X-RT-Sign X-RT-Encrypt
 -        );
-+        ) );
++        ));
      }
  
      my $msg = $args{'Message'}->dup;



Home | Main Index | Thread Index | Old Index