Description:
A vulnerability has been discovered in Sympa web interface that
allows write access to files on the server filesystem.
This flaw allows to create or modify any file writable by the Sympa
user, located on the server filesystem, using the function of Sympa
web interface template file saving.
PR: 227642
Submitted by: maintainer
Please note:
- Web's static dirs have moved to a single dedicated directory.
- Users should review webserver's /static configuration (examples in
share/examples/sympa).
PR: 223793
Submitted by: geoffroy desvernay <dgeo@centrale-marseille.fr> (maintainer)
Relnotes: https://github.com/sympa-community/sympa/blob/6.2.22/NEWS.md
So, replace them with OPTIONS_SLAVE, OPTIONS_EXCLUDE, OPTIONS_DEFAULT,
where appropriate.
The ghostscript ports are doing something nasty that is certainly wrong,
but I don't want to try to understand it.
Sponsored by: Absolight
* Current sympa.rc not show the correct status, always active. grep
with pid string also process.
* The output of ps depends on the windows size. Sometime truncated
/usr/local/libexec/sympa/task_manager.pl -w for avoid it.
* Change ps options to BSD-sytle.
PR: 199145
Submitted by: Igor Zabelin <igorz@yandex.ru>
Approved by: geoffroy desvernay <dgeo@centrale-marseille.fr> (maintainer)
- Add Net::DNS as stated in changelog for 6.1.21
Also changed in plist:
- @dirrm(try) to @dir to make portlint happy.
- removed @owner for libexec/sympa/*: sympa doesn't need write privileges here (do it ?)
- changed broken ${CHOWN} from Makefile to "@owner" in plist for %%DATADIR%%/{list_data,bounce,arc} (owned by sympa:sympa for real)
Pass maintainership to submitter (thanks a lot!)
PR: ports/193522
Submitted by: Geoffroy Desvernay
Since FreeBSD 8.4 and FreeBSD 9.1 make(1) do support :tu and :tl as a
replacement for :U and :L (which has been marked as deprecated)
bmake which is the default on FreeBSD 10+ only support by default
:tu/:tl a hack has been added at the time to support :U and :L to ease
migration. This hack is now not necessary anymore
Note that this makes the ports tree incompatible with make(1) from
FreeBSD 8.3 or earlier
With hat: portmgr
PR: ports/175966
Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr>
While here, convert the make.conf knobs to OPTIONSng.
The DB_TYPE compatibility shim will remain for a few versions, but it should
be changed to OPTIONS_SET=[db-type as described in the OPTION] now.
- Fix init script for FreeBSD
- Allow use without apache (fastcgi/nginx for example) if WITHOUT_APACHE is
defined
PR: ports/167121
Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr>
