Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/php-glpi Update www/php-glpi to v9.4.6



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ed7aa93adc27
branches:  trunk
changeset: 432161:ed7aa93adc27
user:      hauke <hauke%pkgsrc.org@localhost>
date:      Tue May 19 14:21:13 2020 +0000

description:
Update www/php-glpi to v9.4.6

Upstream says...

You'll find below the changes of this bugfixes version:
- (security) Prevent execution of SQL injection while assigning a technician,
- (security) Permit to change key used to store passwords,
- (security) Improve CSRF token,
- (security) Fix several possible XSS,
- (security) Fix a few possible SQL injections,
- Fix SCSS caching issues,
- Fix inline images handling on item update,
- Fix PHP 7.4 compatibility,
- Connect to database using socket,
- and more!

The full changelog is available:
<https://github.com/glpi-project/glpi/milestone/39?closed=1>

diffstat:

 www/php-glpi/Makefile |  11 +++++++--
 www/php-glpi/PLIST    |  54 ++++++++++++++++++++++++++++++++++-----------------
 www/php-glpi/distinfo |  10 ++++----
 3 files changed, 49 insertions(+), 26 deletions(-)

diffs (213 lines):

diff -r 6d3a260b8ddb -r ed7aa93adc27 www/php-glpi/Makefile
--- a/www/php-glpi/Makefile     Tue May 19 14:20:58 2020 +0000
+++ b/www/php-glpi/Makefile     Tue May 19 14:21:13 2020 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.12 2020/01/26 17:32:22 rillig Exp $
+# $NetBSD: Makefile,v 1.13 2020/05/19 14:21:13 hauke Exp $
 
 DISTNAME=      glpi-${GLPI_VERSION}
-GLPI_VERSION=  9.4.4
-PKGREVISION=   1
+GLPI_VERSION=  9.4.6
+#PKGREVISION=  1
 CATEGORIES=    www
 
 MASTER_SITES=  https://github.com/glpi-project/glpi/releases/download/${GLPI_VERSION}/
@@ -49,6 +49,7 @@
 .for ddd in local_define.php
 CONF_FILES+=   ${EGDIR}/${ddd} ${PKG_SYSCONFDIR}/${ddd}
 .endfor
+CONF_FILES+=   ${EGDIR}/var_glpi.htaccess ${VARBASE}/glpi/.htaccess
 
 MAKE_DIRS_PERMS+=      ${VARBASE}/glpi ${APACHE_USER} ${APACHE_GROUP} 0700
 .for ddd in _cache _cron _dumps _graphs _lock _log _pictures _plugins \
@@ -101,6 +102,10 @@
 
 do-install:
        cd ${WRKSRC}/config && ${PAX} -rw * ${DESTDIR}${PREFIX}/${EGDIR}
+       cd ${WRKSRC}/files && cp .htaccess \
+               ${DESTDIR}${PREFIX}/${EGDIR}/var_glpi.htaccess
+       # Sub-tree will be re-created in VARBASE/glpi
+       cd ${WRKSRC} && rm -r files
        cd ${WRKSRC} && ${PAX} -rw . ${DESTDIR}${PREFIX}/${GLPI_DIR}
 
 .include "../../mk/apache.mk"
diff -r 6d3a260b8ddb -r ed7aa93adc27 www/php-glpi/PLIST
--- a/www/php-glpi/PLIST        Tue May 19 14:20:58 2020 +0000
+++ b/www/php-glpi/PLIST        Tue May 19 14:21:13 2020 +0000
@@ -1,7 +1,8 @@
-@comment $NetBSD: PLIST,v 1.7 2019/09/26 14:52:24 hauke Exp $
+@comment $NetBSD: PLIST,v 1.8 2020/05/19 14:21:13 hauke Exp $
 share/examples/glpi/crontab.sample
 share/examples/glpi/httpd-glpi.conf
 share/examples/glpi/local_define.php
+share/examples/glpi/var_glpi.htaccess
 share/glpi/.htaccess
 share/glpi/CHANGELOG.md
 share/glpi/CONTRIBUTING.md
@@ -173,20 +174,26 @@
 share/glpi/css/tiny_mce/skins/light/img/object.gif
 share/glpi/css/tiny_mce/skins/light/img/trans.gif
 share/glpi/css/tiny_mce/skins/light/skin.min.css
+share/glpi/css/tiny_mce_custom.css
+share/glpi/css/tiny_mce_custom.min.css
 share/glpi/css/win_png.htc
-share/glpi/files/.htaccess
-share/glpi/files/_cache/remove.txt
-share/glpi/files/_cron/remove.txt
-share/glpi/files/_dumps/remove.txt
-share/glpi/files/_graphs/remove.txt
-share/glpi/files/_lock/remove.txt
-share/glpi/files/_log/remove.txt
-share/glpi/files/_pictures/remove.txt
-share/glpi/files/_plugins/remove.txt
-share/glpi/files/_rss/remove.txt
-share/glpi/files/_sessions/remove.txt
-share/glpi/files/_tmp/remove.txt
-share/glpi/files/_uploads/remove.txt
+share/glpi/css_compiled/css_highcontrast.min.css
+share/glpi/css_compiled/css_palettes_aerialgreen.min.css
+share/glpi/css_compiled/css_palettes_auror.min.css
+share/glpi/css_compiled/css_palettes_automn.min.css
+share/glpi/css_compiled/css_palettes_classic.min.css
+share/glpi/css_compiled/css_palettes_clockworkorange.min.css
+share/glpi/css_compiled/css_palettes_dark.min.css
+share/glpi/css_compiled/css_palettes_flood.min.css
+share/glpi/css_compiled/css_palettes_greenflat.min.css
+share/glpi/css_compiled/css_palettes_hipster.min.css
+share/glpi/css_compiled/css_palettes_icecream.min.css
+share/glpi/css_compiled/css_palettes_lightblue.min.css
+share/glpi/css_compiled/css_palettes_premiumred.min.css
+share/glpi/css_compiled/css_palettes_purplehaze.min.css
+share/glpi/css_compiled/css_palettes_teclib.min.css
+share/glpi/css_compiled/css_palettes_vintage.min.css
+share/glpi/css_compiled/css_styles.min.css
 share/glpi/front/allassets.php
 share/glpi/front/apiclient.form.php
 share/glpi/front/auth.others.php
@@ -197,7 +204,6 @@
 share/glpi/front/authmail.php
 share/glpi/front/autoupdatesystem.form.php
 share/glpi/front/autoupdatesystem.php
-share/glpi/front/backup.php
 share/glpi/front/blacklist.form.php
 share/glpi/front/blacklist.php
 share/glpi/front/blacklistedmailcontent.form.php
@@ -711,7 +717,6 @@
 share/glpi/inc/authmail.class.php
 share/glpi/inc/autoload.function.php
 share/glpi/inc/autoupdatesystem.class.php
-share/glpi/inc/backup.class.php
 share/glpi/inc/based_config.php
 share/glpi/inc/blacklist.class.php
 share/glpi/inc/blacklistedmailcontent.class.php
@@ -779,6 +784,7 @@
 share/glpi/inc/console/ldap/synchronizeuserscommand.class.php
 share/glpi/inc/console/migration/buildmissingtimestampscommand.class.php
 share/glpi/inc/console/migration/myisamtoinnodbcommand.class.php
+share/glpi/inc/console/security/changekeycommand.class.php
 share/glpi/inc/console/task/unlockcommand.class.php
 share/glpi/inc/consumable.class.php
 share/glpi/inc/consumableitem.class.php
@@ -866,6 +872,7 @@
 share/glpi/inc/fqdn.class.php
 share/glpi/inc/fqdnlabel.class.php
 share/glpi/inc/glpi.class.php
+share/glpi/inc/glpikey.class.php
 share/glpi/inc/glpimailer.class.php
 share/glpi/inc/glpinetwork.class.php
 share/glpi/inc/glpipdf.class.php
@@ -1258,6 +1265,8 @@
 share/glpi/install/update_940_941.php
 share/glpi/install/update_941_942.php
 share/glpi/install/update_942_943.php
+share/glpi/install/update_943_945.php
+share/glpi/install/update_945_946.php
 share/glpi/install/update_content.php
 share/glpi/install/update_to_031.php
 share/glpi/install/update_xx_xy.tpl.php
@@ -1287,6 +1296,7 @@
 share/glpi/lib/chartist-plugin-tooltip-0.0.17/chartist-plugin-tooltip.css
 share/glpi/lib/chartist-plugin-tooltip-0.0.17/chartist-plugin-tooltip.js
 share/glpi/lib/chartist-plugin-tooltip-0.0.17/chartist-plugin-tooltip.min.js
+share/glpi/lib/file-type.js
 share/glpi/lib/font-awesome/LICENSE.txt
 share/glpi/lib/font-awesome/css/all.css
 share/glpi/lib/font-awesome/css/all.min.css
@@ -2265,6 +2275,9 @@
 share/glpi/vendor/leafo/scssphp/src/Type.php
 share/glpi/vendor/leafo/scssphp/src/Util.php
 share/glpi/vendor/leafo/scssphp/src/Version.php
+share/glpi/vendor/michelf/php-markdown/.editorconfig
+share/glpi/vendor/michelf/php-markdown/.scrutinizer.yml
+share/glpi/vendor/michelf/php-markdown/.travis.yml
 share/glpi/vendor/michelf/php-markdown/License.md
 share/glpi/vendor/michelf/php-markdown/Michelf/Markdown.inc.php
 share/glpi/vendor/michelf/php-markdown/Michelf/Markdown.php
@@ -2745,6 +2758,7 @@
 share/glpi/vendor/symfony/console/Tests/CommandLoader/FactoryCommandLoaderTest.php
 share/glpi/vendor/symfony/console/Tests/DependencyInjection/AddConsoleCommandPassTest.php
 share/glpi/vendor/symfony/console/Tests/Descriptor/AbstractDescriptorTest.php
+share/glpi/vendor/symfony/console/Tests/Descriptor/ApplicationDescriptionTest.php
 share/glpi/vendor/symfony/console/Tests/Descriptor/JsonDescriptorTest.php
 share/glpi/vendor/symfony/console/Tests/Descriptor/MarkdownDescriptorTest.php
 share/glpi/vendor/symfony/console/Tests/Descriptor/ObjectsProvider.php
@@ -2768,6 +2782,7 @@
 share/glpi/vendor/symfony/console/Tests/Fixtures/Foo5Command.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/Foo6Command.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/FooCommand.php
+share/glpi/vendor/symfony/console/Tests/Fixtures/FooHiddenCommand.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/FooLock2Command.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/FooLockCommand.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/FooOptCommand.php
@@ -2814,9 +2829,9 @@
 share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/output_7.txt
 share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/output_8.txt
 share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/output_9.txt
+share/glpi/vendor/symfony/console/Tests/Fixtures/TestAmbiguousCommandRegistering.php
+share/glpi/vendor/symfony/console/Tests/Fixtures/TestAmbiguousCommandRegistering2.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/TestCommand.php
-share/glpi/vendor/symfony/console/Tests/Fixtures/TestTiti.php
-share/glpi/vendor/symfony/console/Tests/Fixtures/TestToto.php
 share/glpi/vendor/symfony/console/Tests/Fixtures/application_1.json
 share/glpi/vendor/symfony/console/Tests/Fixtures/application_1.md
 share/glpi/vendor/symfony/console/Tests/Fixtures/application_1.txt
@@ -2955,6 +2970,7 @@
 share/glpi/vendor/symfony/console/Tests/Output/NullOutputTest.php
 share/glpi/vendor/symfony/console/Tests/Output/OutputTest.php
 share/glpi/vendor/symfony/console/Tests/Output/StreamOutputTest.php
+share/glpi/vendor/symfony/console/Tests/Question/ChoiceQuestionTest.php
 share/glpi/vendor/symfony/console/Tests/Question/ConfirmationQuestionTest.php
 share/glpi/vendor/symfony/console/Tests/Style/SymfonyStyleTest.php
 share/glpi/vendor/symfony/console/Tests/TerminalTest.php
@@ -3032,6 +3048,7 @@
 share/glpi/vendor/tecnickcom/tcpdf/CHANGELOG.TXT
 share/glpi/vendor/tecnickcom/tcpdf/LICENSE.TXT
 share/glpi/vendor/tecnickcom/tcpdf/README.md
+share/glpi/vendor/tecnickcom/tcpdf/VERSION
 share/glpi/vendor/tecnickcom/tcpdf/config/tcpdf_config.php
 share/glpi/vendor/tecnickcom/tcpdf/fonts/ae_fonts_2.0/COPYING
 share/glpi/vendor/tecnickcom/tcpdf/fonts/ae_fonts_2.0/ChangeLog
@@ -3692,6 +3709,7 @@
 share/glpi/vendor/zendframework/zend-i18n/src/View/Helper/Translate.php
 share/glpi/vendor/zendframework/zend-i18n/src/View/Helper/TranslatePlural.php
 share/glpi/vendor/zendframework/zend-i18n/src/View/HelperConfig.php
+share/glpi/vendor/zendframework/zend-i18n/src/View/HelperTrait.php
 share/glpi/vendor/zendframework/zend-json/CHANGELOG.md
 share/glpi/vendor/zendframework/zend-json/LICENSE.md
 share/glpi/vendor/zendframework/zend-json/README.md
diff -r 6d3a260b8ddb -r ed7aa93adc27 www/php-glpi/distinfo
--- a/www/php-glpi/distinfo     Tue May 19 14:20:58 2020 +0000
+++ b/www/php-glpi/distinfo     Tue May 19 14:21:13 2020 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.8 2019/09/26 14:52:24 hauke Exp $
+$NetBSD: distinfo,v 1.9 2020/05/19 14:21:13 hauke Exp $
 
-SHA1 (glpi-9.4.4.tgz) = c27ef1ee25712ce1f44ba55bb56567497b91ca76
-RMD160 (glpi-9.4.4.tgz) = 108040e86b3ff6d0a21236b41eec1eb1a18f7642
-SHA512 (glpi-9.4.4.tgz) = c1bd4a8512daf48eb079c8fbee3fe1a441611040a2431c0808050c795b00a3afe7b4456384d378969201d5367257bb60c597b3b584f82ea67e83d8dfa98d397a
-Size (glpi-9.4.4.tgz) = 34875134 bytes
+SHA1 (glpi-9.4.6.tgz) = 358e5f85f8eb1a15f0c3d051807c48b6d2867f8c
+RMD160 (glpi-9.4.6.tgz) = b56a5ef32bbae6a34ff750177c1c4cd0452735f0
+SHA512 (glpi-9.4.6.tgz) = a7bd8f2c351d17feb245716b3716268a43be513d3265916c93e0ce926bce3c754c05b9c1c237336bab74cd2ddb349c722dcaf994f39f5e1b5f2c01e0565df0de
+Size (glpi-9.4.6.tgz) = 35006348 bytes



Home | Main Index | Thread Index | Old Index