diff options
| author | nbm <nbm@FreeBSD.org> | 2002-03-23 18:04:29 +0800 |
|---|---|---|
| committer | nbm <nbm@FreeBSD.org> | 2002-03-23 18:04:29 +0800 |
| commit | 639d5828b178f88ade5f6862b2fcd27c7f9d31dd (patch) | |
| tree | a51afe580aa31d3a32c13af98ebf2bb9c1e7c455 /www/zope29 | |
| parent | 3aac40c6b0aec855d1891ea9b22c08a2a0e0e907 (diff) | |
| download | freebsd-ports-graphics-639d5828b178f88ade5f6862b2fcd27c7f9d31dd.tar.gz freebsd-ports-graphics-639d5828b178f88ade5f6862b2fcd27c7f9d31dd.tar.zst freebsd-ports-graphics-639d5828b178f88ade5f6862b2fcd27c7f9d31dd.zip | |
Implement the HotFix described at
http://www.zope.org/Products/Zope/Hotfix_2002-03-01/README.txt which
says:
``The issue involves the checking of security for objects with proxy
roles. The context of the owner user that created the object with
proxy roles was not being taken into account when determining access
to the object with proxy roles. This flaw could allow users defined
in subfolders of a site with sufficient privileges to access objects
at higher levels in the site that they would not normally be able to
access.''
PR: 36103
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
Diffstat (limited to 'www/zope29')
| -rw-r--r-- | www/zope29/Makefile | 9 | ||||
| -rw-r--r-- | www/zope29/distinfo | 1 | ||||
| -rw-r--r-- | www/zope29/pkg-plist | 4 |
3 files changed, 11 insertions, 3 deletions
diff --git a/www/zope29/Makefile b/www/zope29/Makefile index 628f4def60a..3534415e4fd 100644 --- a/www/zope29/Makefile +++ b/www/zope29/Makefile @@ -7,11 +7,13 @@ PORTNAME= zope PORTVERSION= 2.5.0 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= www python zope -MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ +MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ \ + http://www.zope.org/Products/Zope/Hotfix_2002-03-01/ DISTNAME= Zope-${PORTVERSION}-src -EXTRACT_SUFX= .tgz +DISTFILES= ${DISTNAME}.tgz \ + Hotfix_2002-03-01.tgz PATCHFILES= Zope-2.5.0-unix-security.patch PATCH_DIST_STRIP= -p1 @@ -27,6 +29,7 @@ PYTHON_VERSION= python2.1 DIST_SUBDIR= zope post-patch: + @${CP} -Rp ${WRKDIR}/lib ${WRKSRC} @${FIND} ${WRKSRC} -name \*.orig -exec ${RM} {} \; # Build has to be done in the final location after installing the sources diff --git a/www/zope29/distinfo b/www/zope29/distinfo index ccc2d734747..8fe20e1dea7 100644 --- a/www/zope29/distinfo +++ b/www/zope29/distinfo @@ -1,2 +1,3 @@ MD5 (zope/Zope-2.5.0-src.tgz) = 105bb1f9d90478596cc929164ef385e3 +MD5 (zope/Hotfix_2002-03-01.tgz) = 4bb8d96a7dd5a93a3fe2e0b9f37632e7 MD5 (zope/Zope-2.5.0-unix-security.patch) = 87f3dceb08aa3bcede5bf521c9cdd328 diff --git a/www/zope29/pkg-plist b/www/zope29/pkg-plist index 79b208db05a..a197c16a717 100644 --- a/www/zope29/pkg-plist +++ b/www/zope29/pkg-plist @@ -833,6 +833,9 @@ etc/rc.d/zope.sh %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/help/ExternalMethod.pyc %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/version.txt %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/www/function.gif +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_2002-03-01/README.txt +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_2002-03-01/__init__.py +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_2002-03-01/__init__.pyc %%ZOPEBASEDIR%%/lib/python/Products/MIMETools/MIMETag.py %%ZOPEBASEDIR%%/lib/python/Products/MIMETools/MIMETag.pyc %%ZOPEBASEDIR%%/lib/python/Products/MIMETools/README.txt @@ -2444,6 +2447,7 @@ etc/rc.d/zope.sh @dirrm %%ZOPEBASEDIR%%/lib/python/Products/MailHost/dtml @dirrm %%ZOPEBASEDIR%%/lib/python/Products/MailHost @dirrm %%ZOPEBASEDIR%%/lib/python/Products/MIMETools +@dirrm %%ZOPEBASEDIR%%/lib/python/Products/Hotfix_2002-03-01 @dirrm %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/www @dirrm %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/help @dirrm %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/dtml |