mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-24 04:33:24 +00:00
de51be0645
- use PKGNAMESUFFIX instead LATEST_LINK - whitespace cleanup - svn mv */bugzilla to */bugzilla40 - add vuxml entry 4.4.1, 4.2.7, and 4.0.11 Security Advisory Wednesday Oct 16th, 2013 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only can lead to a bug being edited without the user consent. * A CSRF vulnerability in attachment.cgi can lead to an attachment being edited without the user consent. * Several unfiltered parameters when editing flagtypes can lead to XSS. * Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered field values in tabular reports can lead to XSS. All affected installations are encouraged to upgrade as soon as possible. [1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d CVE-2013-1733 CVE-2013-1734 CVE-2013-1742 CVE-2013-1743
72 lines
1.4 KiB
Makefile
72 lines
1.4 KiB
Makefile
# $FreeBSD$
|
|
|
|
OPTIONS_DEFINE= \
|
|
DOCS \
|
|
MODPERL
|
|
|
|
OPTIONS_GROUP= UI DBBACKEND REPORTING ATTACHMENT EMAIL WEBSERVICE AUTH ADMIN
|
|
|
|
OPTIONS_GROUP_ADMIN= \
|
|
MOVE_BUGZ \
|
|
EXPORT_IMPORT \
|
|
CONTRIB
|
|
|
|
OPTIONS_GROUP_ATTACHMENT=\
|
|
BMP2PNG
|
|
|
|
OPTIONS_GROUP_AUTH= \
|
|
LDAP \
|
|
RADIUS
|
|
|
|
OPTIONS_GROUP_DBBACKEND= \
|
|
MYSQL \
|
|
PGSQL \
|
|
SQLITE
|
|
|
|
OPTIONS_GROUP_EMAIL= \
|
|
INBOUND_EMAIL \
|
|
MAIL_QUEUEING
|
|
|
|
OPTIONS_GROUP_REPORTING= \
|
|
GRAPHVIZ \
|
|
GRAPH_REPORTS \
|
|
CHARTING_MODULES
|
|
|
|
OPTIONS_GROUP_WEBSERVICE= \
|
|
XMLRPC \
|
|
JSONRPC
|
|
|
|
OPTIONS_GROUP_UI= \
|
|
PATCH_VIEWER \
|
|
MORE_HTML
|
|
|
|
OPTIONS_DEFAULT= \
|
|
CHARTING_MODULES\
|
|
CONTRIB \
|
|
GRAPH_REPORTS \
|
|
MORE_HTML \
|
|
PATCH_VIEWER
|
|
|
|
BMP2PNG_DESC= BMP Attachments to PNGs
|
|
CHARTING_MODULES_DESC= Bug charting support
|
|
CONTRIB_DESC= Install user-contributed scripts
|
|
EXPORT_IMPORT_DESC= Import/export bugs (via XML)
|
|
GRAPH_REPORTS_DESC= Graphical Reports
|
|
INBOUND_EMAIL_DESC= Inbound Email
|
|
JSONRPC_DESC= JSON-RPC Interface
|
|
MAIL_QUEUEING_DESC= Mail Queueing
|
|
MORE_HTML_DESC= More HTML in Product/Group Descriptions
|
|
MOVE_BUGZ_DESC= Move Bugs Between Installations
|
|
PATCH_VIEWER_DESC= Patch Viewer
|
|
XMLRPC_DESC= XML-RPC Interface
|
|
|
|
# Option group description
|
|
ADMIN_DESC= Administration
|
|
ATTACHMENT_DESC= Attachment handling
|
|
AUTH_DESC= Alternative Authentication
|
|
DBBACKEND_DESC= Database Engine
|
|
EMAIL_DESC= Email handling
|
|
REPORTING_DESC= Reports and Charts
|
|
WEBSERVICE_DESC= Web Services
|
|
|