Date: Thu, 11 Sep 2003 23:56:49 +0800 From: "Kang Liu" <liukang@bjpu.edu.cn> To: <FreeBSD-gnats-submit@FreeBSD.org> Subject: ports/56706: [maintainer]fix BBCode vulnerability & pgsql problem in phpbb Message-ID: <000601c3787d$50b23fd0$0501a8c0@ssc> Resent-Message-ID: <200309111600.h8BG0X0A007092@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 56706 >Category: ports >Synopsis: [maintainer]fix BBCode vulnerability & pgsql problem in phpbb >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Sep 11 09:00:32 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Kang Liu >Release: FreeBSD 4.9-PRERELEASE i386 >Organization: Beijing University of Technology >Environment: System: FreeBSD ftp.bjpu.edu.cn 4.9-PRERELEASE FreeBSD 4.9-PRERELEASE #54: Sun Aug 31 15:09:39 CST 2003 delphij @ftp.bjpu.edu.cn:/usr/obj/usr/src/sys/FTP i386 >Description: Ivanchenko V. I. [webmaster@asiamusic.ru] and send me a patch that can fix BBCode vulnerability & pgsql problem in phpbb. Reference: Vulnerability in BBCode - serious http://www.phpbb.com/phpBB/viewtopic.php?t=135116 When I try to fetch "the latest phpbb2.0.6" from sourceforge, . it seems that the developers have updated their files but didn't change the version number. >How-To-Repeat: n/a >Fix: Thank Ivanchenko V. I. for sending me the patch, as the phpbb developers have applied that patch, What I should do now is just dump the PORTREVISION and update the distinfo. Here is my patch: Index: distinfo =================================================================== RCS file: /home/ncvs/ports/www/phpbb/distinfo,v retrieving revision 1.5 diff -u -r1.5 distinfo --- distinfo 24 Aug 2003 11:37:24 -0000 1.5 +++ distinfo 11 Sep 2003 15:39:11 -0000 @@ -1 +1 @@ -MD5 (phpBB-2.0.6.tar.bz2) = 28f20c82fce9ad6329b937c967eb1c72 +MD5 (phpBB-2.0.6.tar.bz2) = ee73baaac8f2f72c2a1d879ea811bd07 Index: Makefile =================================================================== RCS file: /home/ncvs/ports/www/phpbb/Makefile,v retrieving revision 1.12 diff -u -r1.12 Makefile --- Makefile 30 Aug 2003 17:24:14 -0000 1.12 +++ Makefile 11 Sep 2003 15:39:11 -0000 @@ -7,7 +7,7 @@ PORTNAME= phpbb PORTVERSION= 2.0.6 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000601c3787d$50b23fd0$0501a8c0>