[pkgsrc/trunk]: pkgsrc/mail/sympa Update sympa to 5.4.4. Bug fixes (including...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/mail/sympa Update sympa to 5.4.4. Bug fixes (including...
From: bouyer <bouyer%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 07:03:55 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/008a36b23c1e
branches:  trunk
changeset: 551848:008a36b23c1e
user:      bouyer <bouyer%pkgsrc.org@localhost>
date:      Sat Dec 20 19:02:12 2008 +0000

description:
Update sympa to 5.4.4. Bug fixes (including SQL injestion and privilege
escalation vulnerabilities) and updated translations:
    * Sympa was not fully compliant to the RFC 2616, leading for example
      to possible unwanted list deletion by administrators using prefetching
      tools. This was fixed by replacing all the threatening GET requests
      by POST requests;
    * Use of sprint() function for creating SQL queries lead to possible
      SQL injection through cookie manipulation;
    * The use of files in /tmp lead to vulnerabilities.

diffstat:

 mail/sympa/Makefile |  4 ++--
 mail/sympa/PLIST    |  3 +--
 mail/sympa/distinfo |  8 ++++----
 3 files changed, 7 insertions(+), 8 deletions(-)

diffs (44 lines):

diff -r 857ed1f88331 -r 008a36b23c1e mail/sympa/Makefile
--- a/mail/sympa/Makefile       Sat Dec 20 19:01:33 2008 +0000
+++ b/mail/sympa/Makefile       Sat Dec 20 19:02:12 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.37 2008/12/14 19:06:38 hasso Exp $
+# $NetBSD: Makefile,v 1.38 2008/12/20 19:02:12 bouyer Exp $
 #
 
-DISTNAME=      sympa-5.4.3
+DISTNAME=      sympa-5.4.4
 CATEGORIES=    mail
 MASTER_SITES=  http://www.sympa.org/distribution/ \
                http://www.sympa.org/distribution/old/
diff -r 857ed1f88331 -r 008a36b23c1e mail/sympa/PLIST
--- a/mail/sympa/PLIST  Sat Dec 20 19:01:33 2008 +0000
+++ b/mail/sympa/PLIST  Sat Dec 20 19:02:12 2008 +0000
@@ -1,10 +1,9 @@
-@comment $NetBSD: PLIST,v 1.6 2008/11/09 16:15:47 bouyer Exp $
+@comment $NetBSD: PLIST,v 1.7 2008/12/20 19:02:12 bouyer Exp $
 man/man8/alias_manager.8
 man/man8/archived.8
 man/man8/bounced.8
 man/man8/sympa.8
 share/doc/sympa/NEWS
-share/doc/sympa/sympa.pdf
 share/examples/sympa/README
 share/examples/sympa/employees.ldap
 share/examples/sympa/robot.conf
diff -r 857ed1f88331 -r 008a36b23c1e mail/sympa/distinfo
--- a/mail/sympa/distinfo       Sat Dec 20 19:01:33 2008 +0000
+++ b/mail/sympa/distinfo       Sat Dec 20 19:02:12 2008 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.10 2008/11/09 16:15:47 bouyer Exp $
+$NetBSD: distinfo,v 1.11 2008/12/20 19:02:12 bouyer Exp $
 
-SHA1 (sympa-5.4.3.tar.gz) = 0ca96daedb8a06782b65a6d91fe9ff56b3aa34fa
-RMD160 (sympa-5.4.3.tar.gz) = 899a7e6d7d59986379a6a0a4794f1fb671006695
-Size (sympa-5.4.3.tar.gz) = 5561253 bytes
+SHA1 (sympa-5.4.4.tar.gz) = 673d3a031ef2718ed234ce0814ad1d0083883919
+RMD160 (sympa-5.4.4.tar.gz) = fb0b61ac3a56981ac7f44a1863504be937e4f4b5
+Size (sympa-5.4.4.tar.gz) = 6523229 bytes
 SHA1 (patch-aa) = 8db2096214d667d5bada0ffb97994be9e0891547
 SHA1 (patch-ab) = 404ce642a733ef7922f58613c56f449f75641a9a
 SHA1 (patch-ac) = 77802bab188da024c18810c07bf62064b28e3af1

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc Updated audio/pulseaudio to 0.9.13nb3
Next by Date: [pkgsrc/trunk]: pkgsrc/devel/p5-File-Temp Update from version 0.20nb1 to 0.21.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated audio/pulseaudio to 0.9.13nb3
Next by Thread: [pkgsrc/trunk]: pkgsrc/devel/p5-File-Temp Update from version 0.20nb1 to 0.21.
Indexes:

Home | Main Index | Thread Index | Old Index