- update to bugzilla 4.4.6

Summary
=======
The following security issues have been discovered in Bugzilla:

* The 'realname' parameter is not correctly filtered on user account
  creation, which could lead to user data override.
* Several places were found in the Bugzilla code where cross-site
  scripting attacks could be used to access sensitive information.
* Private comments can be shown to flagmail recipients who aren't in
  the insider group
* Specially formatted values in a CSV search results export could be
  used in spreadsheet software to attack a user's computer.

Security:	CVE-2014-1572
		CVE-2014-1571
		CVE-2014-1571

3 files changed, 15 insertions, 180 deletions

diff --git a/devel/bugzilla44/Makefile b/devel/bugzilla44/Makefile
index 16fc2b4ed269..d3e9ab8dd6ec 100644
--- a/devel/bugzilla44/Makefile
+++ b/devel/bugzilla44/Makefile
@@ -1,8 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	bugzilla
-PORTVERSION=	4.4.5
-PORTREVISION=	1
+PORTVERSION=	4.4.6
 CATEGORIES=	devel
 MASTER_SITES=	BUGZILLA
 MASTER_SITE_SUBDIR=	webtools webtools/archived
@@ -50,7 +49,7 @@ RUN_DEPENDS+=	p5-DBD-mysql>=4.0001:${PORTSDIR}/databases/p5-DBD-mysql
 .endif
 
 .if ${PORT_OPTIONS:MPGSQL}
-USE_PGSQL=	yes
+USES+=		pgsql
 RUN_DEPENDS+=	p5-DBD-Pg>=2.19.3:${PORTSDIR}/databases/p5-DBD-Pg
 .endif
 
diff --git a/devel/bugzilla44/distinfo b/devel/bugzilla44/distinfo
index c931ba97d525..284d44b760b9 100644
--- a/devel/bugzilla44/distinfo
+++ b/devel/bugzilla44/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.4.5.tar.gz) = 70609fa5bbe55a3b802afcf749a098824d7a96dc87b91ce07b000cfdd7987da5
-SIZE (bugzilla/bugzilla-4.4.5.tar.gz) = 2955964
+SHA256 (bugzilla/bugzilla-4.4.6.tar.gz) = ac3547195f2ce156488aac2cc537620775e08a9d888441daab2b40ab66ab01f4
+SIZE (bugzilla/bugzilla-4.4.6.tar.gz) = 2956046
diff --git a/devel/bugzilla44/pkg-plist b/devel/bugzilla44/pkg-plist
index ea8e3e22e96e..9da4c5e32458 100644
--- a/devel/bugzilla44/pkg-plist
+++ b/devel/bugzilla44/pkg-plist
@@ -887,178 +887,14 @@
 %%WWWDIR%%/whine.pl
 %%WWWDIR%%/whineatnews.pl
 %%WWWDIR%%/xmlrpc.cgi
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Auth
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Config
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/DB
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Field
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Install
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/JobQueue
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Search
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Template/Plugin
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Template
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User/Setting
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/User
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService/Server
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/WebService
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla/Whine
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/Bugzilla
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/contrib
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api/extensions
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html/api
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images/callouts
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/images
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/pdf
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/txt
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/xml
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/en
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/lib
-%%PORTDOCS%%@dirrm %%DOCSDIR%%/xsl
-%%PORTDOCS%%@dirrm %%DOCSDIR%%
-@dirrm %%WWWDIR%%/Bugzilla/Attachment
-@dirrm %%WWWDIR%%/Bugzilla/Auth/Login
-@dirrm %%WWWDIR%%/Bugzilla/Auth/Persist
-@dirrm %%WWWDIR%%/Bugzilla/Auth/Verify
-@dirrm %%WWWDIR%%/Bugzilla/Auth
-@dirrm %%WWWDIR%%/Bugzilla/BugUrl/Bugzilla
-@dirrm %%WWWDIR%%/Bugzilla/BugUrl
-@dirrm %%WWWDIR%%/Bugzilla/Config
-@dirrm %%WWWDIR%%/Bugzilla/DB/Schema
-@dirrm %%WWWDIR%%/Bugzilla/DB
-@dirrm %%WWWDIR%%/Bugzilla/Field
-@dirrm %%WWWDIR%%/Bugzilla/Install
-@dirrm %%WWWDIR%%/Bugzilla/Job
-@dirrm %%WWWDIR%%/Bugzilla/JobQueue
-@dirrm %%WWWDIR%%/Bugzilla/Migrate
-@dirrm %%WWWDIR%%/Bugzilla/Search
-@dirrm %%WWWDIR%%/Bugzilla/Send
-@dirrm %%WWWDIR%%/Bugzilla/Template/Plugin
-@dirrm %%WWWDIR%%/Bugzilla/Template
-@dirrm %%WWWDIR%%/Bugzilla/User/Setting
-@dirrm %%WWWDIR%%/Bugzilla/User
-@dirrm %%WWWDIR%%/Bugzilla/WebService/Server
-@dirrm %%WWWDIR%%/Bugzilla/WebService
-@dirrm %%WWWDIR%%/Bugzilla/Whine
-@dirrmtry %%WWWDIR%%/Bugzilla
-%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
-%%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
-@dirrmtry %%WWWDIR%%/contrib
-@dirrmtry %%WWWDIR%%/data
-@dirrmtry %%WWWDIR%%/graphs
-@dirrmtry %%WWWDIR%%/images
-@dirrm %%WWWDIR%%/js/history.js
-@dirrm %%WWWDIR%%/js/yui/animation
-@dirrm %%WWWDIR%%/js/yui/assets/skins/sam
-@dirrm %%WWWDIR%%/js/yui/assets/skins
-@dirrm %%WWWDIR%%/js/yui/assets
-@dirrm %%WWWDIR%%/js/yui/autocomplete
-@dirrm %%WWWDIR%%/js/yui/base
-@dirrm %%WWWDIR%%/js/yui/button
-@dirrm %%WWWDIR%%/js/yui/calendar
-@dirrm %%WWWDIR%%/js/yui/carousel
-@dirrm %%WWWDIR%%/js/yui/charts
-@dirrm %%WWWDIR%%/js/yui/colorpicker
-@dirrm %%WWWDIR%%/js/yui/connection
-@dirrm %%WWWDIR%%/js/yui/container
-@dirrm %%WWWDIR%%/js/yui/cookie
-@dirrm %%WWWDIR%%/js/yui/datasource
-@dirrm %%WWWDIR%%/js/yui/datatable
-@dirrm %%WWWDIR%%/js/yui/datemath
-@dirrm %%WWWDIR%%/js/yui/dom
-@dirrm %%WWWDIR%%/js/yui/dragdrop
-@dirrm %%WWWDIR%%/js/yui/element
-@dirrm %%WWWDIR%%/js/yui/element-delegate
-@dirrm %%WWWDIR%%/js/yui/event
-@dirrm %%WWWDIR%%/js/yui/event-delegate
-@dirrm %%WWWDIR%%/js/yui/event-mouseenter
-@dirrm %%WWWDIR%%/js/yui/event-simulate
-@dirrm %%WWWDIR%%/js/yui/fonts
-@dirrm %%WWWDIR%%/js/yui/get
-@dirrm %%WWWDIR%%/js/yui/grids
-@dirrm %%WWWDIR%%/js/yui/history
-@dirrm %%WWWDIR%%/js/yui/imagecropper
-@dirrm %%WWWDIR%%/js/yui/imageloader
-@dirrm %%WWWDIR%%/js/yui/json
-@dirrm %%WWWDIR%%/js/yui/layout
-@dirrm %%WWWDIR%%/js/yui/logger
-@dirrm %%WWWDIR%%/js/yui/menu
-@dirrm %%WWWDIR%%/js/yui/paginator
-@dirrm %%WWWDIR%%/js/yui/profiler
-@dirrm %%WWWDIR%%/js/yui/profilerviewer
-@dirrm %%WWWDIR%%/js/yui/progressbar
-@dirrm %%WWWDIR%%/js/yui/reset
-@dirrm %%WWWDIR%%/js/yui/reset-fonts
-@dirrm %%WWWDIR%%/js/yui/reset-fonts-grids
-@dirrm %%WWWDIR%%/js/yui/resize
-@dirrm %%WWWDIR%%/js/yui/selector
-@dirrm %%WWWDIR%%/js/yui/slider
-@dirrm %%WWWDIR%%/js/yui/storage
-@dirrm %%WWWDIR%%/js/yui/stylesheet
-@dirrm %%WWWDIR%%/js/yui/swf
-@dirrm %%WWWDIR%%/js/yui/swfdetect
-@dirrm %%WWWDIR%%/js/yui/swfstore
-@dirrm %%WWWDIR%%/js/yui/tabview
-@dirrm %%WWWDIR%%/js/yui/treeview
-@dirrm %%WWWDIR%%/js/yui/uploader
-@dirrm %%WWWDIR%%/js/yui/yahoo
-@dirrm %%WWWDIR%%/js/yui/yahoo-dom-event
-@dirrm %%WWWDIR%%/js/yui/yuiloader
-@dirrm %%WWWDIR%%/js/yui/yuitest
-@dirrm %%WWWDIR%%/js/yui
-@dirrm %%WWWDIR%%/js
-@dirrmtry %%WWWDIR%%/lib
-@dirrm %%WWWDIR%%/skins/contrib/Dusk
-@dirrm %%WWWDIR%%/skins/contrib
-@dirrm %%WWWDIR%%/skins/standard/dependency-tree
-@dirrm %%WWWDIR%%/skins/standard/global
-@dirrm %%WWWDIR%%/skins/standard/index
-@dirrm %%WWWDIR%%/skins/standard
-@dirrmtry %%WWWDIR%%/skins
-@dirrmtry %%WWWDIR%%/t
-@dirrm %%WWWDIR%%/template/en/default/account/auth
-@dirrm %%WWWDIR%%/template/en/default/account/email
-@dirrm %%WWWDIR%%/template/en/default/account/password
-@dirrm %%WWWDIR%%/template/en/default/account/prefs
-@dirrm %%WWWDIR%%/template/en/default/account
-@dirrm %%WWWDIR%%/template/en/default/admin/classifications
-@dirrm %%WWWDIR%%/template/en/default/admin/components
-@dirrm %%WWWDIR%%/template/en/default/admin/custom_fields
-@dirrm %%WWWDIR%%/template/en/default/admin/fieldvalues
-@dirrm %%WWWDIR%%/template/en/default/admin/flag-type
-@dirrm %%WWWDIR%%/template/en/default/admin/groups
-@dirrm %%WWWDIR%%/template/en/default/admin/keywords
-@dirrm %%WWWDIR%%/template/en/default/admin/milestones
-@dirrm %%WWWDIR%%/template/en/default/admin/params
-@dirrm %%WWWDIR%%/template/en/default/admin/products/groupcontrol
-@dirrm %%WWWDIR%%/template/en/default/admin/products
-@dirrm %%WWWDIR%%/template/en/default/admin/sanitycheck
-@dirrm %%WWWDIR%%/template/en/default/admin/settings
-@dirrm %%WWWDIR%%/template/en/default/admin/users
-@dirrm %%WWWDIR%%/template/en/default/admin/versions
-@dirrm %%WWWDIR%%/template/en/default/admin/workflow
-@dirrm %%WWWDIR%%/template/en/default/admin
-@dirrm %%WWWDIR%%/template/en/default/attachment
-@dirrm %%WWWDIR%%/template/en/default/bug/activity
-@dirrm %%WWWDIR%%/template/en/default/bug/create
-@dirrm %%WWWDIR%%/template/en/default/bug/process
-@dirrm %%WWWDIR%%/template/en/default/bug
-@dirrm %%WWWDIR%%/template/en/default/email
-@dirrm %%WWWDIR%%/template/en/default/extensions
-@dirrm %%WWWDIR%%/template/en/default/flag
-@dirrm %%WWWDIR%%/template/en/default/global
-@dirrm %%WWWDIR%%/template/en/default/list
-@dirrm %%WWWDIR%%/template/en/default/pages
-@dirrm %%WWWDIR%%/template/en/default/reports
-@dirrm %%WWWDIR%%/template/en/default/request
-@dirrm %%WWWDIR%%/template/en/default/search
-@dirrm %%WWWDIR%%/template/en/default/setup
-@dirrm %%WWWDIR%%/template/en/default/whine
-@dirrm %%WWWDIR%%/template/en/default
-@dirrm %%WWWDIR%%/template/en
-@dirrmtry %%WWWDIR%%/template
-@dirrmtry %%WWWDIR%%/xt
-@dirrmtry %%WWWDIR%%
+@dir %%WWWDIR%%/Bugzilla
+@dir %%WWWDIR%%/contrib
+@dir %%WWWDIR%%/data
+@dir %%WWWDIR%%/graphs
+@dir %%WWWDIR%%/images
+@dir %%WWWDIR%%/lib
+@dir %%WWWDIR%%/skins
+@dir %%WWWDIR%%/t
+@dir %%WWWDIR%%/template
+@dir %%WWWDIR%%/xt
+@dir %%WWWDIR%%