kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
317616 commits 42 branches 80 tags 2.7 GiB
Commit graph

12 commits

Author SHA1 Message Date
TAKATSU Tomonari
05717e1324 - Update to 4.2.7 
- Update WWW line in pkg-descr
 2013-10-30 12:37:58 +00:00
Olli Hauer
de51be0645 - update to latest release [1] 
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
  can lead to a bug being edited without the user consent.

* A CSRF vulnerability in attachment.cgi can lead to an attachment
  being edited without the user consent.

* Several unfiltered parameters when editing flagtypes can lead to XSS.

* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
  field values in tabular reports can lead to XSS.

All affected installations are encouraged to upgrade as soon as
possible.

[1]  even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend

Security:	vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
		CVE-2013-1733
		CVE-2013-1734
		CVE-2013-1742
		CVE-2013-1743
 2013-10-17 19:35:22 +00:00
Olli Hauer
c0e86f6715 - add STAGE support to bugzilla ports 
- remove bugzilla3 CONFLICTS
 2013-09-26 19:00:40 +00:00
Baptiste Daroussin
8ee9a3584f Add NO_STAGE all over the place in preparation for the staging support (cat: japanese) 2013-09-20 18:47:54 +00:00
TAKATSU Tomonari
3c03d43fee - Update to 4.2.6 2013-06-09 06:34:35 +00:00
Olli Hauer
b3a7fc133a - update japanes/bugzilla templates 
- update vuxml to reflect bugzilla templates
- fix typo in vuxml

Approved by:	portmgr (miwi)
Sponsored by:
 2013-03-31 17:36:29 +00:00
Olli Hauer
9b8191421e - update japanese bugzilla templates 
Feature safe: yes
 2012-11-22 20:19:40 +00:00
TAKATSU Tomonari
2ec8b9b13f - Update to 4.2.3 2012-09-09 21:36:09 +00:00
Olli Hauer
2905c73e47 - move to bugzilla@ 2012-09-01 20:18:48 +00:00
Olli Hauer
3c8085b82e - update bugzilla bugzilla3 and bugzilla42 
- use new bugzilla@ address (members skv@, tota@, ohauer@)
- patch russian/japanese/german bugzilla and bugzilla templates
  so the reflect the security updates in the original templates
- patch german/bugzilla42 templates
- adopt new Makefile header

	vuxml: 6ad18fe5-f469-11e1-920d-20cf30e32f6d
	CVE: CVE-2012-3981
	https://bugzilla.mozilla.org/show_bug.cgi?id=785470
	https://bugzilla.mozilla.org/show_bug.cgi?id=785522
	https://bugzilla.mozilla.org/show_bug.cgi?id=785511
 2012-09-01 20:16:06 +00:00
TAKATSU Tomonari
5e40cda81d - Update to 4.2.2 
- Remove PKGNAMEPREFIX (-ja) since a PKGNAMESUFFIX (ja-) is already applied
- Add NO_WRKSUBDIR
- Add the plist target from the german ports (no need to install before)
- Fix build to be done with and without pkgng

Submitted by:	ohauer@ (based on)
 2012-08-07 20:37:11 +00:00
TAKATSU Tomonari
795fe5e0b4 - Copy japanese/bugzilla to japanese/bugzilla42 according to 
devel/bugzilla42
- Update japanese/bugzilla42 to 4.2.1
 2012-07-25 20:53:43 +00:00