Date: Mon, 2 Jul 2012 15:16:57 +0200 (CEST) From: Krzysztof Stryjek <ports@bsdserwis.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/169600: update phpList to new 2.10.18 version due to vulnerabilities Message-ID: <20120702131657.BBD6B2CA45B4@mx1.bsdserwis.com> Resent-Message-ID: <201207021320.q62DK6ug039697@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 169600 >Category: ports >Synopsis: update phpList to new 2.10.18 version due to vulnerabilities >Confidential: no >Severity: critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Jul 02 13:20:05 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Krzysztof Stryjek >Release: FreeBSD 7.3-STABLE amd64 >Organization: private >Environment: System: FreeBSD cmd 7.3-STABLE FreeBSD 7.3-STABLE #1: Fri May 7 15:18:19 CEST 2010 toor@cmd:/home/usr/obj/home/usr/src/sys/AQQ amd64 >Description: PhpList till 2.10.17 has XSS and SQL injection vulnerabilities. So there is new 2.10.18 version. >How-To-Repeat: cd mail/phplist && nake all install clean >Fix: There is patch to apply new version of phpList: diff -ruN phplist.orig/Makefile phplist/Makefile --- phplist.orig/Makefile 2011-10-17 06:35:01.000000000 +0200 +++ phplist/Makefile 2012-06-28 01:50:58.000000000 +0200 @@ -5,7 +5,7 @@ # $FreeBSD: ports/mail/phplist/Makefile,v 1.10 2011/10/17 04:35:01 dougb Exp $ PORTNAME= phplist -PORTVERSION= 2.10.17 +PORTVERSION= 2.10.18 CATEGORIES= mail www MASTER_SITES= SF EXTRACT_SUFX= .tgz diff -ruN phplist.orig/distinfo phplist/distinfo --- phplist.orig/distinfo 2011-10-05 14:30:55.000000000 +0200 +++ phplist/distinfo 2012-06-28 01:51:53.000000000 +0200 @@ -1,2 +1,2 @@ -SHA256 (phplist-2.10.17.tgz) = 84139766c9c2169c9a20ae869f0bfe9d7c32739126ab037ee2f153e571fcfa31 -SIZE (phplist-2.10.17.tgz) = 2297323 +SHA256 (phplist-2.10.18.tgz) = 0a1a246d4f54a34840b607dc9a8f57d70f0756bd39ae7be75c8d741932018599 +SIZE (phplist-2.10.18.tgz) = 2297328 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120702131657.BBD6B2CA45B4>