in phpbb 2.0.12, privilege elevatiIn my patch:disclosure.
(VuXML ID: 53e711ed-8972-11d9-9ff8-00306e01dda2)
- 1. update www/phpbb to 2.0.13
- 2. use DATADIR in pkg-plist
PR: 78189
Submitted by: Kang Liu (maintainre)
- This release addresses a number of bugs and a couple of potential exploits.
- Release note: [http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=265423]
PR: ports/77943
Submitted by: clsung
Approved by: Kang Liu (maintainer)
phpBB Group are pleased to announce the release of phpBB
2.0.6 the "phew, it's way to hot to be furry" Edition. This
release had been made to fix a number of potential security
related issues and more annoying bugs. (from:
http://www.phpbb.com/phpBB/viewtopic.php?t=124245) Here is
the patch made by me,I would like to be the maintainer of
this port.
PR: ports/55230
Submitted by: Kang Liu <liukang@bjpu.edu.cn>
http://www.phpbb.com/phpBB/viewtopic.php?t=111156
It says "This edition includes a significant number of
fixes for bugs and a minor cross-site scripting issue."
The XSS exploit in phpBB viewtopic.php has been post in
bugtraq.
PR: ports/53691
Submitted by: Kang Liu <lazykang@hotmail.com>
Approved by: for SECURITY UPDATE
- Add necessary dependency on www/mod_php4
- Structure port Makefile and $PLIST in such a way that configuration data is
not overwritten upon reinstall
- Ensure that (de)installation as package also works correctly
- Install documentation under $DOCSDIR
- Bump $PORTREVISION
