mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-18 19:49:40 +00:00
- update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK - whitespace cleanup - svn mv */bugzilla to */bugzilla40 - add vuxml entry 4.4.1, 4.2.7, and 4.0.11 Security Advisory Wednesday Oct 16th, 2013 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only can lead to a bug being edited without the user consent. * A CSRF vulnerability in attachment.cgi can lead to an attachment being edited without the user consent. * Several unfiltered parameters when editing flagtypes can lead to XSS. * Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered field values in tabular reports can lead to XSS. All affected installations are encouraged to upgrade as soon as possible. [1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d CVE-2013-1733 CVE-2013-1734 CVE-2013-1742 CVE-2013-1743
This commit is contained in:
Olli Hauer
parent
ffc964c93f
commit
de51be0645
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=330666
3
MOVED
3
MOVED
@ -5116,3 +5116,6 @@ audio/akode-plugins-oss||2013-10-17|Removed: Dependency of KDE 3.x
|
||||
audio/akode-plugins-pulseaudio||2013-10-17|Removed: Dependency of KDE 3.x
|
||||
audio/akode-plugins-resampler||2013-10-17|Removed: Dependency of KDE 3.x
|
||||
audio/akode-plugins-xiph||2013-10-17|Removed: Dependency of KDE 3.x
|
||||
german/bugzilla|german/bugzilla40|2013-10-17|Reflect PORTNAME
|
||||
japanese/bugzilla|japanese/bugzilla40|2013-10-17|Reflect PORTNAME
|
||||
russian/bugzilla|russian/bugzilla40|2013-10-17|Reflect PORTNAME
|
||||
|
||||
@ -147,7 +147,7 @@
|
||||
SUBDIR += bsdlibdwarf
|
||||
SUBDIR += bufferpool
|
||||
SUBDIR += bug-buddy
|
||||
SUBDIR += bugzilla
|
||||
SUBDIR += bugzilla40
|
||||
SUBDIR += bugzilla42
|
||||
SUBDIR += bugzilla44
|
||||
SUBDIR += build
|
||||
|
||||
@ -1,2 +0,0 @@
|
||||
SHA256 (bugzilla/bugzilla-4.0.10.tar.gz) = cdf8a596f34bd0f773a0c9c728a0dd8ed0214d9f19e142e918b25294202e3fa2
|
||||
SIZE (bugzilla/bugzilla-4.0.10.tar.gz) = 2804655
|
||||
@ -1,7 +1,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= bugzilla
|
||||
PORTVERSION= 4.0.10
|
||||
PORTVERSION= 4.0.11
|
||||
CATEGORIES= devel
|
||||
MASTER_SITES= ${MASTER_SITE_MOZILLA}
|
||||
MASTER_SITE_SUBDIR= webtools webtools/archived
|
||||
@ -44,8 +44,6 @@ EMPTY_DIRS_LIST=data graphs contrib lib t xt
|
||||
USE_APACHE_RUN= 22+
|
||||
.endif
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ${PORT_OPTIONS:MMYSQL}
|
||||
USE_MYSQL= yes
|
||||
RUN_DEPENDS+= p5-DBD-mysql>=2.9003:${PORTSDIR}/databases/p5-DBD-mysql
|
||||
@ -175,4 +173,4 @@ do-install: .SILENT
|
||||
${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;
|
||||
.endif
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
.include <bsd.port.mk>
|
||||
@ -1,8 +1,10 @@
|
||||
# $FreeBSD$
|
||||
|
||||
DIST_SUBDIR= ${PORTNAME}
|
||||
PKGNAMESUFFIX= 40
|
||||
|
||||
CONFLICTS_INSTALL= \
|
||||
bugzilla4[^0].* \
|
||||
bugzilla-4.[^0].*
|
||||
|
||||
PORTSCOUT= limit:^4\.0\.
|
||||
@ -11,10 +11,10 @@ OPTIONS_GROUP_ADMIN= \
|
||||
EXPORT_IMPORT \
|
||||
CONTRIB
|
||||
|
||||
OPTIONS_GROUP_ATTACHMENT= \
|
||||
OPTIONS_GROUP_ATTACHMENT=\
|
||||
BMP2PNG
|
||||
|
||||
OPTIONS_GROUP_AUTH= \
|
||||
OPTIONS_GROUP_AUTH= \
|
||||
LDAP \
|
||||
RADIUS
|
||||
|
||||
2
devel/bugzilla40/distinfo
Normal file
2
devel/bugzilla40/distinfo
Normal file
@ -0,0 +1,2 @@
|
||||
SHA256 (bugzilla/bugzilla-4.0.11.tar.gz) = d2e454a5a705f3728a6645c27793f7c8d3058dda675704eac4a9a856f16b0c0f
|
||||
SIZE (bugzilla/bugzilla-4.0.11.tar.gz) = 2785420
|
||||
@ -971,6 +971,8 @@
|
||||
@dirrmtry %%WWWDIR%%/js/yui
|
||||
@dirrmtry %%WWWDIR%%/js
|
||||
@dirrm %%WWWDIR%%/images
|
||||
@dirrmtry %%WWWDIR%%/graphs
|
||||
@dirrmtry %%WWWDIR%%/data
|
||||
%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
|
||||
%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
|
||||
@dirrmtry %%WWWDIR%%/contrib
|
||||
@ -996,8 +998,6 @@
|
||||
@dirrm %%WWWDIR%%/Bugzilla/Auth
|
||||
@dirrm %%WWWDIR%%/Bugzilla/Attachment
|
||||
@dirrmtry %%WWWDIR%%/Bugzilla
|
||||
@dirrmtry %%WWWDIR%%/data
|
||||
@dirrmtry %%WWWDIR%%/graphs
|
||||
@dirrmtry %%WWWDIR%%
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML
|
||||
@ -1030,9 +1030,3 @@
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/en
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%
|
||||
@exec mkdir -p %D/%%WWWDIR%%/xt
|
||||
@exec mkdir -p %D/%%WWWDIR%%/t
|
||||
@exec mkdir -p %D/%%WWWDIR%%/lib
|
||||
@exec mkdir -p %D/%%WWWDIR%%/graphs
|
||||
@exec mkdir -p %D/%%WWWDIR%%/data
|
||||
@exec mkdir -p %D/%%WWWDIR%%/contrib
|
||||
@ -1,7 +1,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= bugzilla
|
||||
PORTVERSION= 4.2.6
|
||||
PORTVERSION= 4.2.7
|
||||
CATEGORIES= devel
|
||||
MASTER_SITES= ${MASTER_SITE_MOZILLA}
|
||||
MASTER_SITE_SUBDIR= webtools webtools/archived
|
||||
@ -25,8 +25,6 @@ RUN_DEPENDS= \
|
||||
p5-TimeDate>=1.19:${PORTSDIR}/devel/p5-TimeDate \
|
||||
p5-URI>=1.37:${PORTSDIR}/net/p5-URI
|
||||
|
||||
LATEST_LINK= bugzilla42
|
||||
|
||||
USES= perl5
|
||||
USE_PERL5= patch run build
|
||||
|
||||
@ -47,8 +45,6 @@ EMPTY_DIRS_LIST=data graphs contrib lib t xt
|
||||
USE_APACHE_RUN= 22+
|
||||
.endif
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ${PORT_OPTIONS:MMYSQL}
|
||||
USE_MYSQL= yes
|
||||
RUN_DEPENDS+= p5-DBD-mysql>=4.0001:${PORTSDIR}/databases/p5-DBD-mysql
|
||||
@ -184,4 +180,4 @@ do-install: .SILENT
|
||||
${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;
|
||||
.endif
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
.include <bsd.port.mk>
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
# $FreeBSD$
|
||||
|
||||
DIST_SUBDIR= ${PORTNAME}
|
||||
PKGNAMESUFFIX= 42
|
||||
|
||||
CONFLICTS_INSTALL= \
|
||||
bugzilla4[^2].* \
|
||||
bugzilla-4.[^2].*
|
||||
|
||||
PORTSCOUT= limitw:1,even
|
||||
|
||||
@ -11,10 +11,10 @@ OPTIONS_GROUP_ADMIN= \
|
||||
EXPORT_IMPORT \
|
||||
CONTRIB
|
||||
|
||||
OPTIONS_GROUP_ATTACHMENT= \
|
||||
OPTIONS_GROUP_ATTACHMENT=\
|
||||
BMP2PNG
|
||||
|
||||
OPTIONS_GROUP_AUTH= \
|
||||
OPTIONS_GROUP_AUTH= \
|
||||
LDAP \
|
||||
RADIUS
|
||||
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
SHA256 (bugzilla/bugzilla-4.2.6.tar.gz) = 16ede21f92e672ed19aadeddd24136a8ec76ec14e6bf9627fe33207f2531807d
|
||||
SIZE (bugzilla/bugzilla-4.2.6.tar.gz) = 2425903
|
||||
SHA256 (bugzilla/bugzilla-4.2.7.tar.gz) = c2350e02e287f10dc21d7a1813d5311d84804fb1f3418d4ef5c7e335458fc189
|
||||
SIZE (bugzilla/bugzilla-4.2.7.tar.gz) = 2964784
|
||||
|
||||
@ -179,7 +179,7 @@
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/images/note.gif
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/images/tip.gif
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/images/warning.gif
|
||||
@comment %%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/rel_notes.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/txt/Bugzilla-Guide.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/xml/Bugzilla-Guide.xml
|
||||
@ -987,6 +987,8 @@
|
||||
@dirrmtry %%WWWDIR%%/js/history.js
|
||||
@dirrmtry %%WWWDIR%%/js
|
||||
@dirrm %%WWWDIR%%/images
|
||||
@dirrmtry %%WWWDIR%%/graphs
|
||||
@dirrmtry %%WWWDIR%%/data
|
||||
%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
|
||||
%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
|
||||
@dirrmtry %%WWWDIR%%/contrib
|
||||
@ -1014,8 +1016,6 @@
|
||||
@dirrm %%WWWDIR%%/Bugzilla/Auth
|
||||
@dirrm %%WWWDIR%%/Bugzilla/Attachment
|
||||
@dirrmtry %%WWWDIR%%/Bugzilla
|
||||
@dirrmtry %%WWWDIR%%/data
|
||||
@dirrmtry %%WWWDIR%%/graphs
|
||||
@dirrmtry %%WWWDIR%%
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML
|
||||
@ -1048,9 +1048,3 @@
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/en
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%
|
||||
@exec mkdir -p %D/%%WWWDIR%%/xt
|
||||
@exec mkdir -p %D/%%WWWDIR%%/t
|
||||
@exec mkdir -p %D/%%WWWDIR%%/lib
|
||||
@exec mkdir -p %D/%%WWWDIR%%/graphs
|
||||
@exec mkdir -p %D/%%WWWDIR%%/data
|
||||
@exec mkdir -p %D/%%WWWDIR%%/contrib
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= bugzilla
|
||||
PORTVERSION= 4.4
|
||||
PORTVERSION= 4.4.1
|
||||
CATEGORIES= devel
|
||||
MASTER_SITES= ${MASTER_SITE_MOZILLA}
|
||||
MASTER_SITE_SUBDIR= webtools webtools/archived
|
||||
@ -25,8 +25,6 @@ RUN_DEPENDS= \
|
||||
p5-TimeDate>=1.19:${PORTSDIR}/devel/p5-TimeDate \
|
||||
p5-URI>=1.37:${PORTSDIR}/net/p5-URI
|
||||
|
||||
LATEST_LINK= bugzilla44
|
||||
|
||||
USES= perl5
|
||||
USE_PERL5= patch build run
|
||||
|
||||
@ -47,8 +45,6 @@ EMPTY_DIRS_LIST=data graphs contrib lib t xt
|
||||
USE_APACHE_RUN= 22+
|
||||
.endif
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ${PORT_OPTIONS:MMYSQL}
|
||||
USE_MYSQL= yes
|
||||
RUN_DEPENDS+= p5-DBD-mysql>=4.0001:${PORTSDIR}/databases/p5-DBD-mysql
|
||||
@ -175,6 +171,8 @@ post-patch:
|
||||
@${FIND} ${WRKSRC} \( -name "CVS" -or -name ".cvsignore" -or -name "*.orig" \
|
||||
-or -name "*.bak" -or -name ".bzr*" -or -name "README.docs" \) \
|
||||
| ${XARGS} ${RM} -rf
|
||||
# empty leftover
|
||||
@${RM} ${WRKSRC}/docs/en/html/Bugzilla-Guide.proc
|
||||
|
||||
do-install: .SILENT
|
||||
${MKDIR} ${STAGEDIR}${WWWDIR}
|
||||
@ -198,4 +196,4 @@ do-install: .SILENT
|
||||
${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;
|
||||
.endif
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
.include <bsd.port.mk>
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
# $FreeBSD$
|
||||
|
||||
DIST_SUBDIR= ${PORTNAME}
|
||||
PKGNAMESUFFIX= 44
|
||||
|
||||
CONFLICTS_INSTALL= \
|
||||
bugzilla4[^4].* \
|
||||
bugzilla-4.[^4].*
|
||||
|
||||
PORTSCOUT= limitw:1,even
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
SHA256 (bugzilla/bugzilla-4.4.tar.gz) = 709e1b07ca23a91fbf5fb3d34645a8b574af39034b216daa1811effd02ebd72e
|
||||
SIZE (bugzilla/bugzilla-4.4.tar.gz) = 2441533
|
||||
SHA256 (bugzilla/bugzilla-4.4.1.tar.gz) = cc63513b98f7f0a523c58c642554ec72ee1e941f7d13c306e2e8c7e4cceeb428
|
||||
SIZE (bugzilla/bugzilla-4.4.1.tar.gz) = 2966058
|
||||
|
||||
@ -183,7 +183,7 @@
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/images/note.gif
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/images/tip.gif
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/images/warning.gif
|
||||
@comment %%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/rel_notes.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/txt/Bugzilla-Guide.txt
|
||||
%%PORTDOCS%%%%DOCSDIR%%/en/xml/Bugzilla-Guide.xml
|
||||
@ -999,6 +999,8 @@
|
||||
@dirrmtry %%WWWDIR%%/js/history.js
|
||||
@dirrmtry %%WWWDIR%%/js
|
||||
@dirrm %%WWWDIR%%/images
|
||||
@dirrmtry %%WWWDIR%%/graphs
|
||||
@dirrmtry %%WWWDIR%%/data
|
||||
%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
|
||||
%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
|
||||
@dirrmtry %%WWWDIR%%/contrib
|
||||
@ -1027,8 +1029,6 @@
|
||||
@dirrm %%WWWDIR%%/Bugzilla/Auth
|
||||
@dirrm %%WWWDIR%%/Bugzilla/Attachment
|
||||
@dirrmtry %%WWWDIR%%/Bugzilla
|
||||
@dirrmtry %%WWWDIR%%/data
|
||||
@dirrmtry %%WWWDIR%%/graphs
|
||||
@dirrmtry %%WWWDIR%%
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/xsl
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
|
||||
@ -1062,10 +1062,3 @@
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%/en
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%
|
||||
@exec mkdir -p %D/%%WWWDIR%%/xt
|
||||
@exec mkdir -p %D/%%WWWDIR%%/t
|
||||
@exec mkdir -p %D/%%WWWDIR%%/lib
|
||||
@exec mkdir -p %D/%%WWWDIR%%/graphs
|
||||
@exec mkdir -p %D/%%WWWDIR%%/data
|
||||
@exec mkdir -p %D/%%WWWDIR%%/contrib
|
||||
%%PORTDOCS%%@exec mkdir -p %D/%%DOCSDIR%%/en/pdf
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
SUBDIR += bsdforen-firefox-searchplugin
|
||||
SUBDIR += bsdgroup-firefox-searchplugin
|
||||
SUBDIR += bsdpaste
|
||||
SUBDIR += bugzilla
|
||||
SUBDIR += bugzilla40
|
||||
SUBDIR += bugzilla42
|
||||
SUBDIR += bugzilla44
|
||||
SUBDIR += calligra-l10n
|
||||
|
||||
@ -10,9 +10,7 @@ DISTNAME= germzilla-${PORTVERSION}-1.utf-8
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= German localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
|
||||
|
||||
LATEST_LINK= ${PKGNAMEPREFIX}bugzilla
|
||||
RUN_DEPENDS= bugzilla40>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
|
||||
|
||||
NO_WRKSUBDIR= yes
|
||||
|
||||
@ -10,9 +10,7 @@ DISTNAME= germzilla-${PORTVERSION}-1.utf-8
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= German localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
|
||||
|
||||
LATEST_LINK= ${PKGNAMEPREFIX}bugzilla42
|
||||
RUN_DEPENDS= bugzilla42>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
|
||||
|
||||
NO_WRKSUBDIR= yes
|
||||
|
||||
|
||||
@ -11,9 +11,7 @@ DISTNAME= germzilla-${PORTVERSION}-1.utf-8
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= German localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
|
||||
|
||||
LATEST_LINK= ${PKGNAMEPREFIX}bugzilla44
|
||||
RUN_DEPENDS= bugzilla44>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
|
||||
|
||||
NO_WRKSUBDIR= yes
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
SUBDIR += awffull
|
||||
SUBDIR += bible_names-fpw
|
||||
SUBDIR += bookview
|
||||
SUBDIR += bugzilla
|
||||
SUBDIR += bugzilla40
|
||||
SUBDIR += bugzilla42
|
||||
SUBDIR += bugzilla44
|
||||
SUBDIR += calligra-l10n
|
||||
|
||||
@ -11,7 +11,7 @@ DISTNAME= Bugzilla-ja-${PORTVERSION}-template
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= Japanese localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
|
||||
RUN_DEPENDS= bugzilla40>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla40
|
||||
|
||||
NO_WRKSUBDIR= yes
|
||||
|
||||
@ -11,9 +11,7 @@ DISTNAME= Bugzilla-ja-${PORTVERSION}-template
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= Japanese localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
|
||||
|
||||
LATEST_LINK= ${PKGNAMEPREFIX}bugzilla42
|
||||
RUN_DEPENDS= bugzilla42>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
|
||||
|
||||
NO_WRKSUBDIR= yes
|
||||
|
||||
|
||||
@ -11,9 +11,7 @@ DISTNAME= Bugzilla-ja-${PORTVERSION}-template
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= Japanese localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
|
||||
|
||||
LATEST_LINK= ${PKGNAMEPREFIX}bugzilla44
|
||||
RUN_DEPENDS= bugzilla44>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
|
||||
|
||||
NO_WRKSUBDIR= yes
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
SUBDIR += MT
|
||||
SUBDIR += artwiz-ru
|
||||
SUBDIR += aspell
|
||||
SUBDIR += bugzilla
|
||||
SUBDIR += bugzilla40
|
||||
SUBDIR += bugzilla42
|
||||
SUBDIR += calligra-l10n
|
||||
SUBDIR += d1489
|
||||
|
||||
@ -10,7 +10,7 @@ DISTNAME= bugzilla-${PORTVERSION}-ru-20130222
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= Russian localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
|
||||
RUN_DEPENDS= bugzilla40>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla40
|
||||
|
||||
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}.ru
|
||||
|
||||
@ -10,14 +10,12 @@ DISTNAME= bugzilla-${PORTVERSION}-ru-20130618
|
||||
MAINTAINER= bugzilla@FreeBSD.org
|
||||
COMMENT= Russian localization for Bugzilla
|
||||
|
||||
RUN_DEPENDS= bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
|
||||
RUN_DEPENDS= bugzilla42>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
|
||||
|
||||
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}.ru
|
||||
|
||||
.include "${.CURDIR}/../../devel/bugzilla42/Makefile.common"
|
||||
|
||||
LATEST_LINK= ${PKGNAMEPREFIX}bugzilla42
|
||||
|
||||
do-install:
|
||||
${MKDIR} ${STAGEDIR}${WWWDIR}
|
||||
(cd ${WRKSRC}/ && ${PAX} -r -w * ${STAGEDIR}${WWWDIR})
|
||||
|
||||
@ -51,6 +51,67 @@ Note: Please add new entries to the beginning of this file.
|
||||
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="e135f0c9-375f-11e3-80b7-20cf30e32f6d">
|
||||
<topic>bugzilla -- multiple vulnerabilities</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>bugzilla</name>
|
||||
<name>bugzilla40</name>
|
||||
<name>bugzilla42</name>
|
||||
<name>bugzilla44</name>
|
||||
<range><ge>4.0.0</ge><lt>4.0.11</lt></range>
|
||||
<range><ge>4.2.0</ge><lt>4.2.7</lt></range>
|
||||
<range><ge>4.4</ge><lt>4.4.1</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<h1>A Bugzilla Security Advisory reports:</h1>
|
||||
<blockquote cite="http://www.bugzilla.org/security/4.0.10/">
|
||||
<h1>Cross-Site Request Forgery</h1>
|
||||
<p>When a user submits changes to a bug right after another
|
||||
user did, a midair collision page is displayed to inform
|
||||
the user about changes recently made. This page contains
|
||||
a token which can be used to validate the changes if the
|
||||
user decides to submit his changes anyway. A regression
|
||||
in Bugzilla 4.4 caused this token to be recreated if a
|
||||
crafted URL was given, even when no midair collision page
|
||||
was going to be displayed, allowing an attacker to bypass
|
||||
the token check and abuse a user to commit changes on his
|
||||
behalf.</p>
|
||||
<h1>Cross-Site Request Forgery</h1>
|
||||
<p>When an attachment is edited, a token is generated to
|
||||
validate changes made by the user. Using a crafted URL,
|
||||
an attacker could force the token to be recreated,
|
||||
allowing him to bypass the token check and abuse a user
|
||||
to commit changes on his behalf.</p>
|
||||
<h1>Cross-Site Scripting</h1>
|
||||
<p>Some parameters passed to editflagtypes.cgi were not
|
||||
correctly filtered in the HTML page, which could lead
|
||||
to XSS.</p>
|
||||
<h1>Cross-Site Scripting</h1>
|
||||
<p>Due to an incomplete fix for CVE-2012-4189, some
|
||||
incorrectly filtered field values in tabular reports
|
||||
could lead to XSS.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<cvename>CVE-2013-1733</cvename>
|
||||
<url>https://bugzilla.mozilla.org/show_bug.cgi?id=911593</url>
|
||||
<cvename>CVE-2013-1734</cvename>
|
||||
<url>https://bugzilla.mozilla.org/show_bug.cgi?id=913904</url>
|
||||
<cvename>CVE-2013-1742</cvename>
|
||||
<url>https://bugzilla.mozilla.org/show_bug.cgi?id=924802</url>
|
||||
<cvename>CVE-2013-1743</cvename>
|
||||
<url>https://bugzilla.mozilla.org/show_bug.cgi?id=924932</url>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2013-10-16</discovery>
|
||||
<entry>2013-10-17</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="8c9b48d1-3715-11e3-a624-00262d8b701d">
|
||||
<topic>dropbear -- exposure of sensitive information, DoS</topic>
|
||||
<affects>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user