CVS commit: [pkgsrc-2010Q1] pkgsrc/www/geeklog

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2010Q1] pkgsrc/www/geeklog
From: Matthias Scheler <tron%netbsd.org@localhost>
Date: Mon, 17 May 2010 22:38:02 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Mon May 17 22:38:02 UTC 2010

Modified Files:
        pkgsrc/www/geeklog [pkgsrc-2010Q1]: Makefile distinfo

Log Message:
Pullup ticket #3123 - requested by taca
www/geeklog: security update

Revisioned pulled up:
- www/geeklog/Makefile                  1.27
- www/geeklog/distinfo                  1.13
---
Module Name:    pkgsrc
Committed By:   taca
Date:           Mon May 17 15:46:38 UTC 2010

Modified Files:
        pkgsrc/www/geeklog: Makefile distinfo

Log Message:
Update geeklog package to 1.6.1.1 (1.6.1sr1).

May 9, 2010 (1.6.1sr1)
------------

This release addresses the following security issue:

The autologin (using the long-term session cookie) is vulnerable to dictionary
attacks. This issue was originally reported by Bookoo of the Nine Situations
Group in one of his reports in April 2009 but apparently overlooked by the
Geeklog Team. Thanks to geeklog.net user Jack for pointing this out.


To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.26.2.1 pkgsrc/www/geeklog/Makefile
cvs rdiff -u -r1.12 -r1.12.4.1 pkgsrc/www/geeklog/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/textproc
Next by Date: CVS commit: [pkgsrc-2010Q1] pkgsrc/graphics/dvipng
Previous by Thread: CVS commit: pkgsrc/textproc
Next by Thread: CVS commit: [pkgsrc-2010Q1] pkgsrc/graphics/dvipng
Indexes:

Home | Main Index | Thread Index | Old Index