Update ja-trac to 0.11.6pl1,aka Trac-0.11.6.ja1.

(security fixes are already by 0.11.5pl1nb1 in pkgsrc) Trac-0.11.6.ja1 (Jan 24, 2010) * Merge Trac-0.11.6 * Apply patch - trac:changeset:8997 Trac 0.11.6 (November 28, 2009) http://svn.edgewall.org/repos/trac/tags/trac-0.11.6 Trac 0.11.6 contains two security fixes and a number of bug fixes, performance improvements and minor enhancements. The following list contains only a few highlights: Security fixes: * Fixed the policy checks in report results when using alternate formats. * Added a check for the "raw" role that is missing in docutils < 0.6. Performance improvements: * Re-enabled connection pooling with SQLite (#3446). * Added caching of configuration options (#8510). Bug fixes: * Fixed the "database is locked" issue with SQLite (#3446, #8468). * Deprecated SQLite 2.x support (#8625). * Fixed hanlding of times in timezones with DST (#8240). * Avoid corruption of trac.ini during write (#8623). * Improved support for revision ranges in revision log view (#8349)
2010-01-26 02:01:36 +00:00 · 2010-01-26 02:01:36 +00:00 · d94632f232
commit d94632f232
parent 33ed88a443
4 changed files with 6 additions and 78 deletions
--- a/www/ja-trac/Makefile
+++ b/www/ja-trac/Makefile
@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.28 2010/01/06 13:19:45 obache Exp $
+# $NetBSD: Makefile,v 1.29 2010/01/26 02:01:36 obache Exp $
 #

-DISTNAME=	Trac-0.11.5.ja1
+DISTNAME=	Trac-0.11.6.ja1
 PKGNAME=	ja-${DISTNAME:tl:S/.ja/pl/}
-PKGREVISION=	1
 CATEGORIES=	www devel
 MASTER_SITES=	http://www.i-act.co.jp/project/products/downloads/
 EXTRACT_SUFX=	.zip
--- a/www/ja-trac/distinfo
+++ b/www/ja-trac/distinfo
@ -1,7 +1,5 @@
-$NetBSD: distinfo,v 1.19 2010/01/06 13:19:45 obache Exp $
+$NetBSD: distinfo,v 1.20 2010/01/26 02:01:36 obache Exp $

-SHA1 (Trac-0.11.5.ja1.zip) = e2a53ac73fad0751587313a41267f70410359372
-RMD160 (Trac-0.11.5.ja1.zip) = e5f12051270b355d1e07a361e0378372f807cbe8
-Size (Trac-0.11.5.ja1.zip) = 1008558 bytes
-SHA1 (patch-ab) = 572537f6531dcaa793da288465e01e73f107d969
-SHA1 (patch-ac) = 326b50fb8e190b285d609b3e437787c069edf613
+SHA1 (Trac-0.11.6.ja1.zip) = 11079c7493406c91fea31ef3facda7ae7e3281d9
+RMD160 (Trac-0.11.6.ja1.zip) = 7e0dd8864e375b676ad7badccda8dd0019a459ba
+Size (Trac-0.11.6.ja1.zip) = 1050176 bytes
--- a/www/ja-trac/patches/patch-ab
+++ b/www/ja-trac/patches/patch-ab
@ -1,32 +0,0 @@
-$NetBSD: patch-ab,v 1.1 2010/01/06 13:19:45 obache Exp $
-
-CVE-2009-4405
-http://trac.edgewall.org/changeset/8813
-
--- trac/mimeview/rst.py.orig	2009-02-24 20:53:20.000000000 +0000
-+++ trac/mimeview/rst.py
-@@ -43,6 +43,24 @@ from trac.web.href import Href
- from trac.wiki.api import WikiSystem
- from trac.wiki.formatter import WikiProcessor, Formatter, extract_link
- 
-+if has_docutils and StrictVersion(__version__) < StrictVersion('0.6'):
-+    # Monkey-patch "raw" role handler in docutils to add a missing check
-+    # See docutils bug #2845002 on SourceForge
-+    def raw_role(role, rawtext, text, lineno, inliner, options={}, content=[]):
-+        if not inliner.document.settings.raw_enabled:
-+            msg = inliner.reporter.warning('raw (and derived) roles disabled')
-+            prb = inliner.problematic(rawtext, rawtext, msg)
-+            return [prb], [msg]
-+        return _raw_role(role, rawtext, text, lineno, inliner, options,
-+                         content)
-+    
-+    from docutils.parsers.rst import roles
-+    raw_role.options = roles.raw_role.options
-+    _raw_role = roles.raw_role
-+    roles.raw_role = raw_role
-+    roles.register_canonical_role('raw', raw_role)
-+
-+
- class ReStructuredTextRenderer(Component):
-     """
-     Renders plain text in reStructuredText format as HTML.
--- a/www/ja-trac/patches/patch-ac
+++ b/www/ja-trac/patches/patch-ac
@ -1,37 +0,0 @@
-$NetBSD: patch-ac,v 1.1 2010/01/06 13:19:45 obache Exp $
-
-CVE-2009-4405
-http://trac.edgewall.org/changeset/8816
-
--- trac/ticket/report.py.orig	2009-07-02 17:01:40.000000000 +0000
-+++ trac/ticket/report.py
-@@ -400,6 +400,7 @@ class ReportModule(Component):
-         #  - group rows according to __group__ value, if defined
-         #  - group cells the same way headers are grouped
-         row_groups = []
-+        authorized_results = [] 
-         prev_group_value = None
-         for row_idx, result in enumerate(results):
-             col_idx = 0
-@@ -439,6 +440,7 @@ class ReportModule(Component):
-             # FIXME: for now, we still need to hardcode the realm in the action
-             if resource.realm.upper()+'_VIEW' not in req.perm(resource):
-                 continue
-+            authorized_results.append(result)
-             if email_cells:
-                 for cell in email_cells:
-                     emails = Chrome(self.env).format_emails(context(resource),
-@@ -474,11 +476,11 @@ class ReportModule(Component):
-             return 'report.rss', data, 'application/rss+xml'
-         elif format == 'csv':
-             filename = id and 'report_%s.csv' % id or 'report.csv'
-            self._send_csv(req, cols, results, mimetype='text/csv',
-+            self._send_csv(req, cols, authorized_results, mimetype='text/csv',
-                            filename=filename)
-         elif format == 'tab':
-             filename = id and 'report_%s.tsv' % id or 'report.tsv'
-            self._send_csv(req, cols, results, '\t',
-+            self._send_csv(req, cols, authorized_results, '\t',
-                            mimetype='text/tab-separated-values',
-                            filename=filename)
-         else: