Security update to 4.2.4

- while here switch plist to use @sample The advisories: PMASA-2014-2 and PMASA-2014-3, have not been published yet, so there is very little concrete information about what the security problems are. About all there is comes from the change log, where the security issues are listed as: - bug #4464 [security] XSS injection due to unescaped db/table name in navigation hiding - bug #4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables ChaneLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view MFH: 2014Q2
svn path=/head/; revision=358641
2024-11-22 00:35:15 +00:00 · 2014-06-20 22:03:01 +00:00 · 2014-06-20 22:03:01 +00:00 · ebafaacee8 · 2021-03-31 03:12:20 +00:00
commit ebafaacee8
parent 8d4b1105dd
3 changed files with 4 additions and 7 deletions
--- a/databases/phpmyadmin/Makefile
+++ b/databases/phpmyadmin/Makefile
@ -2,8 +2,7 @@
 # $FreeBSD$

 PORTNAME=	phpMyAdmin
-DISTVERSION=	4.2.3
-PORTREVISION=	1
+DISTVERSION=	4.2.4
 CATEGORIES=	databases www
 MASTER_SITES=	SF/${PORTNAME:tl}/${PORTNAME}/${DISTVERSION}
 DISTNAME=	${PORTNAME}-${DISTVERSION}-all-languages
--- a/databases/phpmyadmin/distinfo
+++ b/databases/phpmyadmin/distinfo
@ -1,2 +1,2 @@
-SHA256 (phpMyAdmin-4.2.3-all-languages.tar.xz) = 0d96a4009494ef3a6f6b6dc2ca049251945b60350df99b72700c90850f05af48
-SIZE (phpMyAdmin-4.2.3-all-languages.tar.xz) = 5092112
+SHA256 (phpMyAdmin-4.2.4-all-languages.tar.xz) = aebcd7cfabd4993405340ecb2b76ce0cb4ab345a817ae7c371a830e22b2c2513
+SIZE (phpMyAdmin-4.2.4-all-languages.tar.xz) = 5176840
--- a/databases/phpmyadmin/pkg-plist-chunk
+++ b/databases/phpmyadmin/pkg-plist-chunk
@ -1,7 +1,5 @@
@mode 640
@group %%PMA_GRP%%
-@unexec if cmp -s %D/%%WWWDIR%%/config.inc.php.sample %D/%%WWWDIR%%/config.inc.php ; then rm -f %D/%%WWWDIR%%/config.inc.php ; fi
-%%WWWDIR%%/config.inc.php.sample
-@exec [ ! -f %B/config.inc.php ] && cp -p %B/%f %B/config.inc.php || true
+@sample %%WWWDIR%%/config.inc.php.sample
@mode
@group