| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
PR: ports/110987
Submitted by: Yasushi Hayashi <yasi@yasi.to> (maintainer)
|
|
|
|
|
|
| |
PR: ports/110733
Submitted by: Yasushi Hayashi <yasi@yasi.to> (maintainer)
Security: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
|
|
|
|
|
| |
PR: ports/108374
Submitted by: Yasushi Hayashi <yasi@yasi.to> (maintainer)
|
|
|
|
|
|
| |
PR: ports/106001
Submitted by: HAYASHI Yasushi <yasi@yasi.to> (maintainer)
Repocopy by: marcus
|
|
|
|
|
| |
PR: ports/105718
Submitted by: HAYASHI Yasushi <yasi@yasi.to> (maintainer)
|
|
|
|
|
| |
PR: 104274
Approved by: portmgr (erwin)
|
|
|
|
|
| |
PR: ports/104007
Submitted by: HAYASHI Yasushi <yasi@yasi.to> (maintainer)
|
|
|
|
|
| |
PR: ports/102690
Submitted by: HAYASHI Yasushi <yasi@yasi.to> (maintainer)
|
|
|
|
|
| |
PR: ports/101236
Submitted by: HAYASHI Yasushi <yasi at yasi.to> (maintainer)
|
|
|
|
|
|
|
|
|
|
| |
of the docutils module to parse and render "restructured text". Sites which
allow untrusted users to create restructured text as through-the-web
content should apply this hotfix.
PR: ports/99952
Submitted by: maintainer
Security: http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-2006-07-05/
|
|
|
|
|
| |
PR: ports/97340
Submitted by: maintainer
|
|
|
|
|
| |
PR: 96804
Submitted by: maintainer
|
|
|
|
|
| |
PR: ports/94776
Submitted by: maintainer
|
|
|
|
|
|
|
|
| |
- Remove extra install of rc.d script
- Bump PORTREVISION
- portlint(1)
Approved by: portmgr (kris)
|
|
|
|
| |
Approved by: portmgr (implicit)
|
|
|
|
|
|
| |
PR: ports/91824
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
Repocopy by: marcus
|
|
|
|
|
| |
PR: ports/91365
Submitted by: Denis Shaposhnikov <dsh@vlink.ru> (maintainer)
|
|
|
|
|
|
|
| |
Changelog http://www.zope.org/Products/Zope/2.8.4/CHANGES.txt
PR: 88078
Submitted by: Denis Shaposhnikov <dsh@vlink.ru> (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2.8.3 release:
http://www.zope.org/Products/Zope/2.8.3/CHANGES.txt
==========
* ZSQLMethod.manage_main: Moved the error message that warns of a
non-existing or closed database connection next to the
Connection ID dropdown and present it using red to increase its
visibility.
* Update to Docutils 0.3.9 (forgotten in Zope 2.8.2)
==========
PR: ports/87650
Submitted by: maintainer
|
|
|
|
|
| |
PR: 87428
Submitted by: Denis Shaposhnikov <dsh@vlink.ru> (maintainer)
|
|
|
|
|
|
|
|
|
| |
This hotfix addresses an important security issue that affects users of Zope
versions 2.6 or higher.
PR: 87198
Submitted by: Denis Shaposhnikov <dsh@vlink.ru> (maintainer)
Security: http://www.vuxml.org/freebsd/d2b80c7c-3aae-11da-9484-00123ffe8333.html
|
|
|
|
|
| |
Noticed by: kris
Approved by: maintainer
|
|
|
|
|
|
|
|
| |
Permit running www/zope and www/zope28 at the same time on the same host.
Use static pkg-plist instead dynamic one.
PR: 86397
Submitted by: Denis Shaposhnikov (maintainer)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Here are some of the "headlines" mentioned in the features list.
Database Integration
SQL and HTML in Harmony
Multiple Data Sources
Publish Databases
Application Development
DTML Scripting
External Methods
Content Management
Builtin Objects
Document Templates
Web to Objects
Integrated Object Database
Managed Through the Web
Direct URL Access to Objects
PR: 85063
Submitted by: Denis Shaposhnikov <dsh@vlink.ru>
|
|
|
|
|
|
| |
PR: ports/83377
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
Approved by: Gerhard Schmidt <estartu@augusta.de> (maintainer)
|
|
|
|
|
|
| |
PR: ports/80476
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
Approved by: maintainer
|
|
|
|
|
|
| |
PR: ports/79812
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
Approved by: Gerhard Schmidt <estartu@augusta.de> (maintainer)
|
|
|
|
|
| |
PR: ports/77633
Submitted by: Gerhard Schmidt <estartu@augusta.de> (maintainer)
|
|
|
|
|
|
| |
PR: ports/75843
Submitted by: maintainer
Approved by: linimon (portmgr)
|
|
|
|
| |
Approved by: portmgr (self)
|
|
|
|
|
|
| |
support 2.4 in Zope 2.7 branch.
Submitted by: maintainer
|
|
|
|
| |
Spotted by: kris
|
|
|
|
|
| |
PR: ports/73969
Submitted by: Gerhard Schmidt <estartu@augusta.de> (maintainer)
|
|
|
|
|
|
|
|
| |
- Add special pkg-message to package to help with installation from package
PR: ports/69476
Submitted by: HAYASHI Yasushi <yasi@yasi.to>,
Gerhard Schmidt <estartu@augusta.de> (maintainer)
|
|
|
|
|
|
| |
PR: ports/68408
Submitted by: HAYASHI Yasushi
Approved by: maintainer.
|
|
|
|
|
|
| |
PR: ports/68059
Submitted by: Phil Oleson <oz@nixil.net>
Approved by: maintainer
|
| |
|
|
|
|
| |
Spotted by: kris
|
|
|
|
| |
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
|
|
|
|
|
|
|
| |
- Change global products directory location.
PR: 65760
Submitted by: maintainer
|
|
|
|
| |
Reported by: bento's extras list
|
|
|
|
|
|
| |
update PR.
Submitted by: Gerhard Schmidt <estartu@augusta.de>
|
|
|
|
|
|
| |
PR: ports/63265
Submitted by: Gerhard Schmidt <estartu@augusta.de>
Approved by: crowds on python@ via perky (in general)
|
| |
|
| |
|
|
|
|
|
| |
PR: 59000
Submitted by: Osma Suominen <ozone@sange.fi>
|
|
|
|
|
| |
a package update is done. Also, install zope.sh.sample, and copy it to
zope.sh if zope.sh doesn't already exist.
|
| |
|
| |
|
|
|
|
|
| |
PR: 54243
Submitted by: Tim Middleton <x@vex.net>
|
|
|
|
|
| |
PR: 53313
Submitted by: "Miguel Mendez" <flynn@energyhq.es.eu.org>
|
|
|
|
|
| |
PR: 52038
Submitted by: Miguel Mendez <flynn@energyhq.es.eu.org>
|
| |
|
| |
|
|
|
|
|
|
|
| |
Requiem mors pacem pkg-comment,
And be calm ports tree.
E Nomini Patri, E Fili, E Spiritu Sancti.
|
| |
|
|
|
|
|
|
|
| |
the plist ;)
PR: 46168
Submitted by: Simon 'corecode' Schubert <corecode@eikonww2.eikon.e-technik.tu-muenchen.de>
|
|
|
|
| |
than just bomb.
|
|
|
|
|
| |
mail's case insensitive and will try to type that. Sorry folks, purely a
cosmetic change here, nothing to see, move along, move along....
|
| |
|
|
|
|
|
|
|
|
|
|
| |
2. Maintainer changed to ports@geeksrus.net (alane@freebsd.org) due to
maintainer timeouts on this port.
3. PORTREVISION bumped due to change in pkg-plist and install dirs.
PR: 39687
Submitted by: ports@geeksrus.net
Approved by: will
|
|
|
|
|
|
|
|
|
|
| |
boot time startup does not fail.
2. Bump PORTREVSION (not in PR).
PR: ports/37878
Submitted by: alane
Reviewed by: will
Approved by: will
|
|
|
|
|
| |
PR: ports/37763
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://www.zope.org/Products/Zope/Hotfix_2002-03-01/README.txt which
says:
``The issue involves the checking of security for objects with proxy
roles. The context of the owner user that created the object with
proxy roles was not being taken into account when determining access
to the object with proxy roles. This flaw could allow users defined
in subfolders of a site with sufficient privileges to access objects
at higher levels in the site that they would not normally be able to
access.''
PR: 36103
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
|
|
|
|
| |
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
|
|
|
|
|
| |
PR: ports/34430
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
|
|
|
|
|
|
| |
the ECHO macro is set to "echo" by default, but it is set to "true" if
make(1) is invoked with the -s option while ECHO_CMD is always set to
the echo command.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
``The issue involves an error in the '_check_context' method of the
AccessControl.User.BasicUser class. The bug made it possible to access
Zope objects via acquisition that a user would not otherwise have access
to. This issue could allow users with enough internal knowledge of Zope
to perform actions higher in the object hierarchy than they should be
able to.''
|
|
|
|
| |
Approved by: nbm
|
|
|
|
| |
Approved by: nbm
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the Zope site:
The issue involves an error in the 'aq_inContextOf' method of objects that
support acquisition. A recent change to the access validation machinery
made this bug begin to affect security restrictions. The bug, with the
change to validation, made it possible to access Zope objects via
acquisition that a user would not otherwise have access to. This issue
could allow users with enough internal knowledge of Zope to perform actions
higher in the object hierarchy than they should be able to.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Removed "access" from pkg-plist, it contains password data that
should be preserved (I forgot this last time!).
* In the "do-install" target, leave the "access" file unchanged if it
already exists.
* Remove the pre-deinstall comment: Data.fs is already preserved by
pkg_delete anyway.
* In the "install" target, use temporary file Data.fs.preserve to avoid
overwriting Data.fs. "make deinstall/install" can now be safely used to
perform upgrades.
* Don't leave .o files around anymore.
Approved by: maintainer
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Changed the python15 dependency to USE_PYTHON=yes
* Replaced PYTHON15 with PYTHON_CMD from bsd.python.mk
* Added SAPACHE_CONFDIR, like the other Sxxx variables, to be used in the
PLIST. APACHE_CONFDIR now depends on SAPACHE_CONFDIR
* Added APACHE_CONFDIR and WEBBASEDIR to PLIST_SUB
* Removed temporary file Zope.cgi.orig
* Removed .cvsignore from var/
* Added/removed some files to the PLIST
* Used @unexec rmdir to remove shared directories from PLIST
* Removed the line with "grep". I didn't understand how it was supposed to
work, I guess it should have been something like "cmp -s ...", but
Data.fs cannot be equal to Data.fs.in anyway, because Zope adds some
things to it the first time it's started (automatically imported
packages from filesystem).
* Removed temporary files from var/ at deinstall time (*.tmp, *.lock, *.soc,
*.pid)
* Sometimes the inituser file did not exist at deinstall time, so I
deleted it with @unexec. It won't be included by "make package".
* Added the Hotfix_2001-02-23 directory (@dirrm)
* Used variables from PLIST_SUB instead of www and etc/apache (@dirrm)
Approved by: maintainer
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the Zope hotfix:
This hotfix addresses and important security issue that affects Zope
versions up to and including Zope 2.3.1 b1.
The issue is related to ZClasses in that a user with through-the-web
scripting capabilities on a Zope site can view and assign class
attributes to ZClasses, possibly allowing them to make inappropriate
changes to ZClass instances.
This patch also fixes problems in the ObjectManager, PropertyManager,
and PropertySheet classes related to mutability of method return values
which could be perceived as a security problem.
We *highly* recommend that any Zope site running versions of Zope up to
and including 2.3.1 b1 have this hotfix product installed to mitigate
these issues if the site is accessible by untrusted users who have
through-the-web scripting privileges.
|
|
|
|
| |
the 'new' module.
|
| |
|
|
|
|
|
|
|
| |
security hotfixes.
All Zope users are encouraged to upgrade, or apply the hotfixes
themselves.
|
|
|
|
|
|
|
| |
Since this doesn't affect any functionality for port or packages users,
I'll try avoid the PORTREVISION bump.
Noticed by: bento
|
|
|
|
|
|
|
| |
after testing.
PR: 22050
Submitted by: Taoka Fumiyoshi <fmysh@ga2.so-net.ne.jp>
|
|
|
|
|
|
| |
which allows people who may edit DTML to gain higher privilege, and
those who have higher privilege in some areas of the Zope tree to gain
it in other areas.
|
|
|
|
| |
Also allow zope to be installed by non-root.
|
|
|
|
|
|
|
|
| |
of how to turn it on. Conditionalize the SSL usage on <IfDefine SSL>,
since that's been a problem.
Also make the rewrite use cgi-bin.default/Zope.cgi, but give an example
of what to change if you move it to cgi-bin/Zope.cgi.
|
|
|
|
| |
now.
|
| |
|
|
|
|
| |
It may even work out the box now.
|
|
|
|
|
|
|
|
| |
Zope shutdown bug fixed.
Reported by: Marc Rassbach <marc@milestonerdl.com>
Reported by: Jimmy Olgeni <olgeni@uli.it>
Zope startup bug fixed (I think).
|
|
|
|
| |
beforehand.
|
|
|
|
| |
Approved by: thomas@hentschel.net (previous maintainer)
|
|
|
|
|
| |
PR: ports/20486
Submitted by: thomas@hentschel.net
|
|
|
|
|
| |
Submitted by: James Howard <howardjp@wam.umd.edu>
PR: 20144
|
|
|
|
|
|
|
| |
options `start' and `stop' now (unless I have forgotten any). This allows
us to call the scripts from /etc/rc.shutdown with the correct option.
The (42 or so) ports that already DTRT before are unchanged.
|
|
|
|
| |
commit.
|
|
|
|
|
| |
PR: 18444
Submitted by: Thomas Hentschel <thomas@hentschel.net>
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
PR: ports/14982
Submitted by: KATO Tsuguru <tkato@prontomail.ne.jp>
|
|
|
|
|
|
| |
Submitted by: David Kirchner <dpk@nwserv.com>
(2) Remove CHMOD definition, we already do it in bsd.port.mk
|
|
|
|
|
| |
PR: 14789
Submitted by: Ade Lovett <ade@lovett.com>
|
|
An object-based web application platform with database access.
PR: 13324
Submitted by: Peter Cornelius <pcc@gmx.net>
|