diff options
| -rw-r--r-- | devel/bugzilla3/Makefile | 2 | ||||
| -rw-r--r-- | devel/bugzilla3/distinfo | 4 | ||||
| -rw-r--r-- | devel/bugzilla3/pkg-plist | 1 | ||||
| -rw-r--r-- | german/bugzilla/Makefile | 7 | ||||
| -rw-r--r-- | german/bugzilla3/Makefile | 7 | ||||
| -rw-r--r-- | russian/bugzilla3-ru/Makefile | 5 | ||||
| -rw-r--r-- | russian/bugzilla3-ru/distinfo | 4 | ||||
| -rw-r--r-- | security/vuxml/vuln.xml | 46 |
8 files changed, 68 insertions, 8 deletions
diff --git a/devel/bugzilla3/Makefile b/devel/bugzilla3/Makefile index 93be5401f04e..ad9235bb4989 100644 --- a/devel/bugzilla3/Makefile +++ b/devel/bugzilla3/Makefile @@ -6,7 +6,7 @@ # PORTNAME= bugzilla -PORTVERSION= 3.6.8 +PORTVERSION= 3.6.9 CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_MOZILLA} MASTER_SITE_SUBDIR= webtools webtools/archived diff --git a/devel/bugzilla3/distinfo b/devel/bugzilla3/distinfo index b08b78ff923f..6ebf97305370 100644 --- a/devel/bugzilla3/distinfo +++ b/devel/bugzilla3/distinfo @@ -1,2 +1,2 @@ -SHA256 (bugzilla/bugzilla-3.6.8.tar.gz) = a07efee28c905d3b0afd10d1efe6fa6ecaaa7e0e89c299f1f20fe21a74ad16bf -SIZE (bugzilla/bugzilla-3.6.8.tar.gz) = 2509304 +SHA256 (bugzilla/bugzilla-3.6.9.tar.gz) = 05d1fa9a7f0c9a75b9473959b0c9a0370608371da04e331c062ac8e21366af4b +SIZE (bugzilla/bugzilla-3.6.9.tar.gz) = 2508965 diff --git a/devel/bugzilla3/pkg-plist b/devel/bugzilla3/pkg-plist index c767a7c89bcd..65e2aa661600 100644 --- a/devel/bugzilla3/pkg-plist +++ b/devel/bugzilla3/pkg-plist @@ -666,7 +666,6 @@ %%WWWDIR%%/template/en/default/list/list.csv.tmpl %%WWWDIR%%/template/en/default/list/list.html.tmpl %%WWWDIR%%/template/en/default/list/list.ics.tmpl -%%WWWDIR%%/template/en/default/list/list.js.tmpl %%WWWDIR%%/template/en/default/list/list.rdf.tmpl %%WWWDIR%%/template/en/default/list/quips.html.tmpl %%WWWDIR%%/template/en/default/list/server-push.html.tmpl diff --git a/german/bugzilla/Makefile b/german/bugzilla/Makefile index 96d74d485465..6a47341dc59a 100644 --- a/german/bugzilla/Makefile +++ b/german/bugzilla/Makefile @@ -7,6 +7,7 @@ PORTNAME= bugzilla PORTVERSION= 4.0.5 +PORTREVISION= 1 CATEGORIES= german MASTER_SITES= SF MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION} @@ -23,6 +24,12 @@ NO_WRKSUBDIR= yes LANGDIR= ${WWWDIR}/template/de +# german template checks the bugzilla version number and displays +# non supported bugzilla version, however there are no relevant +# changes in the templates between 4.0.5 and 4.0.6 +post-patch: + @${SED} -i '' -e 's|4.0.5|4.0.6|' ${WRKDIR}/de/default/global/gzversion.html.tmpl + do-install: @-${MKDIR} ${LANGDIR} @(cd ${WRKSRC}/de && ${COPYTREE_SHARE} . ${LANGDIR}) diff --git a/german/bugzilla3/Makefile b/german/bugzilla3/Makefile index 86e734c274fe..cf4fc02e35d5 100644 --- a/german/bugzilla3/Makefile +++ b/german/bugzilla3/Makefile @@ -7,6 +7,7 @@ PORTNAME= bugzilla PORTVERSION= 3.6.8 +PORTREVISION= 1 CATEGORIES= german MASTER_SITES= SF MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION} @@ -25,6 +26,12 @@ NO_WRKSUBDIR= yes LANGDIR= ${WWWDIR}/template/de +# german template checks the bugzilla version number and displays +# non supported bugzilla version, however there are no relevant +# changes in the template between 3.6.8 and 3.6.9 +post-patch: + @${SED} -i '' -e 's|3.6.8|3.6.9|' ${WRKDIR}/de/default/global/gzversion.html.tmpl + do-install: @-${MKDIR} ${LANGDIR} @(cd ${WRKSRC}/de && ${COPYTREE_SHARE} . ${LANGDIR}) diff --git a/russian/bugzilla3-ru/Makefile b/russian/bugzilla3-ru/Makefile index 551a9feb6f47..e116e4c7cb36 100644 --- a/russian/bugzilla3-ru/Makefile +++ b/russian/bugzilla3-ru/Makefile @@ -6,9 +6,10 @@ # PORTNAME= bugzilla -DISTVERSION= 3.6.6-ru-20110808 +DISTVERSION= 3.6.9-ru-20120419 CATEGORIES= russian -MASTER_SITES= http://ftp.mozilla-russia.org/bugzilla/ +MASTER_SITES= SF +MASTER_SITE_SUBDIR=bugzilla-ru/bugzilla-3.6-ru/${PORTVERSION:R:R} PKGNAMESUFFIX= -ru MAINTAINER= skv@FreeBSD.org diff --git a/russian/bugzilla3-ru/distinfo b/russian/bugzilla3-ru/distinfo index bed293389d2f..507549f96d18 100644 --- a/russian/bugzilla3-ru/distinfo +++ b/russian/bugzilla3-ru/distinfo @@ -1,2 +1,2 @@ -SHA256 (bugzilla/bugzilla-3.6.6-ru-20110808.tar.gz) = dd9eaae1021361dd5c3e91acc5f51cddc3c1398d6cd8e36b1e2345fce52a741b -SIZE (bugzilla/bugzilla-3.6.6-ru-20110808.tar.gz) = 323325 +SHA256 (bugzilla/bugzilla-3.6.9-ru-20120419.tar.gz) = a6c8fa4e70b5f0fb00fc1ba80a201d934b8ca1b214aef4006834655703b6544f +SIZE (bugzilla/bugzilla-3.6.9-ru-20120419.tar.gz) = 323608 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index a4fe0176b504..0ced112433b9 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -52,6 +52,52 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="09c87973-8b9d-11e1-b393-20cf30e32f6d"> + <topic>bugzilla -- multiple vulnerabilities</topic> + <affects> + <package> + <name>bugzilla</name> + <range><ge>3.6.0</ge><lt>3.6.9</lt></range> + <range><ge>4.0.0</ge><lt>4.0.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>A Bugzilla Security Advisory reports:</h1> + <blockquote cite="http://www.bugzilla.org/security/3.6.8/"> + <p>The following security issues have been discovered in Bugzilla:</p> + <h1>Unauthorized Access</h1> + <p>Due to a lack of proper validation of the X-FORWARDED-FOR + header of an authentication request, an attacker could bypass + the current lockout policy used for protection against brute- + force password discovery. This vulnerability can only be + exploited if the 'inbound_proxies' parameter is set. + </p> + <h1>Cross Site Scripting</h1> + <p>A JavaScript template used by buglist.cgi could be used + by a malicious script to permit an attacker to gain access + to some information about bugs he would not normally be + allowed to see, using the victim's credentials. To be + exploitable, the victim must be logged in when visiting + the attacker's malicious page. + </p> + <p>All affected installations are encouraged to upgrade as soon as + possible.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2012-0465</cvename> + <cvename>CVE-2012-0466</cvename> + <url>https://bugzilla.mozilla.org/show_bug.cgi?id=728639</url> + <url>https://bugzilla.mozilla.org/show_bug.cgi?id=745397</url> + </references> + <dates> + <discovery>2012-04-18</discovery> + <entry>2012-04-21</entry> + </dates> + </vuln> + <vuln vid="67516177-88ec-11e1-9a10-0023ae8e59f0"> <topic>typo -- Cross-Site Scripting</topic> <affects> |