kpriv/pkgsrc-wip
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc-wip/bugzilla/Makefile
David Brownlee 48711e5421 Update to 2.16.6 
Many changes, most notable security fixes:

Class:       Information Leak
Versions:    All versions prior to 2.16.6 and 2.18rc1
Description: If Bugzilla is configured to hide entire products from some
             users, both duplicates.cgi and the form for mass-editing a
             list of bugs in buglist.cgi can disclose the names of those
             hidden products to such users.
References:  http://bugzilla.mozilla.org/show_bug.cgi?id=234825
             http://bugzilla.mozilla.org/show_bug.cgi?id=234855

Class:       Cross-site scripting vulnerability
Versions:    All versions prior to 2.16.6 and 2.18rc1
Description: Several administration CGIs echo invalid data back to the
             user without escaping it.
Reference:   http://bugzilla.mozilla.org/show_bug.cgi?id=235265

Class:       Remote SQL injection vulnerability
Versions:    All versions prior to 2.16.6 and 2.18rc1
Description: A user with privileges to grant membership to any group
             (i.e. usually an administrator) can trick editusers.cgi
             into executing arbitrary SQL.
Reference:   http://bugzilla.mozilla.org/show_bug.cgi?id=244272

	Also treat bugzilla.conf and localconfig as CONF_FILES
2004-07-14 10:49:56 +00:00

103 lines
3.7 KiB
Makefile
Raw Blame History

# $NetBSD: Makefile,v 1.9 2004/07/14 10:49:56 absd Exp $
#
DISTNAME= bugzilla-2.16.6
CATEGORIES= www
MASTER_SITES= http://ftp.mozilla.org/pub/mozilla.org/webtools/
MAINTAINER= adrianp@stindustries.net
HOMEPAGE= http://www.bugzilla.org/
COMMENT= Web based bug tracking system
DEPENDS+= p5-DBI>=1.13:../../databases/p5-DBI
DEPENDS+= p5-DBD-mysql>=1.2209:../../databases/p5-DBD-mysql
DEPENDS+= p5-AppConfig>=1.52:../../devel/p5-AppConfig
DEPENDS+= p5-Template-Toolkit>=2.07:../../www/p5-Template-Toolkit
DEPENDS+= p5-Text-Tabs+Wrap>=2001.0131:../../wip/p5-Text-Tabs+Wrap
DEPENDS+= p5-File-Spec>=0.82:../../devel/p5-File-Spec
DEPENDS+= p5-File-Temp-[0-9]*:../../devel/p5-File-Temp
DEPENDS+= {p5-Data-Dumper-[0-9]*,perl>=5.6.1nb2}:${PERL5_PKGSRCDIR}
DEPENDS+= p5-TimeDate-[0-9]*:../../time/p5-TimeDate
DEPENDS+= p5-CGI-[0-9]*:../../www/p5-CGI
#
# these are optional
#
DEPENDS+= gd>=1.19:../../graphics/gd
DEPENDS+= p5-Chart-[0-9]*:../../wip/p5-Chart
DEPENDS+= p5-XML-Parser-[0-9]*:../../textproc/p5-XML-Parser
NO_BUILDLINK= YES
BZDIR?= ${PREFIX}/share/bugzilla
SENDMAIL?= /usr/sbin/sendmail
BZ_DB_DATABASE?=bugs
BZ_DB_HOST?= localhost
BZ_DB_PORT?= 3306
BZ_DB_USER?= bugs
BZ_DB_PASS?= changemeplease
BZ_WEB_GROUP?= www
MESSAGE_SUBST+= BZDIR=${BZDIR} EXDIR=${PREFIX}/share/examples/bugzilla \
PKG_SYSCONFDIR=${PKG_SYSCONFDIR}
EGDIR= ${PREFIX}/share/examples/bugzilla
OWN_DIRS+= ${EGDIR}
CONF_FILES= ${EGDIR}/bugzilla.conf ${BZDIR}/bugzilla.conf
CONF_FILES+= ${EGDIR}/localconfig ${BZDIR}/localconfig
post-extract:
${FIND} ${WRKSRC}/template -type d -name CVS | ${XARGS} ${RM} -fr
${FIND} ${WRKSRC}/template -type f -name ".cvsignore" | ${XARGS} ${RM} -f
do-build:
for f in ${WRKSRC}/*.pl ${WRKSRC}/Bug.pm ${WRKSRC}/*.cgi \
${WRKSRC}/processmail ${WRKSRC}/syncshadowdb; do \
[ -f $$f.BAK ] || ${MV} $$f $$f.BAK ; \
${SED} -e 's#\#\!/usr/bonsaitools/bin/perl#\#\!${PREFIX}/bin/perl#g' \
-e "s#/usr/lib/sendmail#${SENDMAIL}#g" \
< $$f.BAK > $$f; \
done
for f in localconfig bugzilla.conf; do \
${SED} -e 's#@PREFIX@#${PREFIX}#g' \
-e 's#@BZDIR@#${BZDIR}#g' \
-e 's#@BZ_DB_HOST@#${BZ_DB_HOST}#g' \
-e 's#@BZ_WEB_GROUP@#${BZ_WEB_GROUP}#g' \
-e 's#@BZ_DB_PORT@#${BZ_DB_PORT}#g' \
-e 's#@BZ_DB_DATABASE@#${BZ_DB_DATABASE}#g' \
-e 's#@BZ_DB_USER@#${BZ_DB_USER}#g' \
-e 's#@BZ_DB_PASS@#${BZ_DB_PASS}#g' \
< ${FILESDIR}/$$f > ${WRKSRC}/$$f; \
done
do-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/bugzilla
${INSTALL_DATA_DIR} ${EGDIR}
${INSTALL_DATA_DIR} ${BZDIR}
${INSTALL_DATA_DIR} ${BZDIR}/css
${INSTALL_DATA_DIR} ${BZDIR}/template
${INSTALL_DATA} ${WRKSRC}/docs/txt/Bugzilla-Guide.txt ${PREFIX}/share/doc/bugzilla
${INSTALL_DATA} ${WRKSRC}/docs/rel_notes.txt ${PREFIX}/share/doc/bugzilla
${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/bugzilla
${INSTALL_DATA} ${WRKSRC}/UPGRADING ${PREFIX}/share/doc/bugzilla
${INSTALL_DATA} ${WRKSRC}/UPGRADING-pre-2.8 ${PREFIX}/share/doc/bugzilla
${INSTALL_SCRIPT} ${WRKSRC}/*.cgi ${BZDIR}
${INSTALL_SCRIPT} ${WRKSRC}/*.pl ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/*.html ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/*.pm ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/robots.txt ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/1x1.gif ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/ant.jpg ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/bugzilla.conf ${EGDIR}
${INSTALL_DATA} ${WRKSRC}/localconfig ${EGDIR}
${INSTALL_DATA} ${WRKSRC}/bugzilla.dtd ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/*.js ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/processmail ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/syncshadowdb ${BZDIR}
${INSTALL_DATA} ${WRKSRC}/css/*.css ${BZDIR}/css
cd ${WRKSRC}/template && ${PAX} -rw . ${BZDIR}/template
${CHOWN} -R ${SHAREOWN}:${SHAREGRP} ${BZDIR}/template
.include "../../mk/bsd.pkg.mk"
Reference in a new issue View git blame Copy permalink