- Fix zabbix -- php frontend multiple vulnerabilities

Note:

	Input appended to and passed via the "extlang" parameter to the "calc_exp2()"
	function in include/validate.inc.php is not properly sanitised before being
	used. This can be exploited to inject and execute arbitrary PHP code.

	The application allows users to perform certain actions via HTTP requests
	without performing any validity checks to verify the requests. This can be
	exploited to e.g. create users by enticing a logged in administrator to
	visit a malicious web page.

	Input passed to the "srclang" parameter in locales.php (when "next" is set
	to a non-NULL value) is not properly verified before being used to include
	files. This can be exploited to include arbitrary files from local resources
	via directory traversal attacks and URL-encoded NULL bytes.

- Bump PORTREVISION

PR:		132944
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru> (many thanks!)
Approved by:	maintainer timeout (security 1 day)
Security:	http://www.vuxml.org/freebsd/03140526-1250-11de-a964-0030843d3802.html

1 files changed, 1 insertions, 2 deletions

diff --git a/net-mgmt/zabbix2-agent/Makefile b/net-mgmt/zabbix2-agent/Makefile
index 78531b59ffc7..2d6e625c42f5 100644
--- a/net-mgmt/zabbix2-agent/Makefile
+++ b/net-mgmt/zabbix2-agent/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	zabbix
 PORTVERSION=	1.6.2
+PORTREVISION=	1
 PORTEPOCH=	2
 CATEGORIES=	net-mgmt
 MASTER_SITES=	SF
@@ -24,8 +25,6 @@ MAKE_ARGS=	ARCH=freebsd
 CONFIGURE_ARGS+=--enable-ipv6
 .endif
 
-FORBIDDEN=	multiple vulnerabilities http://www.vuxml.org/freebsd/03140526-1250-11de-a964-0030843d3802.html
-
 ZABBIX_BIN=	agent agentd get sender
 ZABBIX_CFG=	agent agentd
 ZABBIX_BINFILES=${ZABBIX_BIN:S|^|zabbix_|:C|.+|&/&|:S|agentd/|agent/|}