From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Apr 29 19:50:06 2008 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C7E751065670 for ; Tue, 29 Apr 2008 19:50:06 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A6E318FC0A for ; Tue, 29 Apr 2008 19:50:06 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m3TJo6Ii036509 for ; Tue, 29 Apr 2008 19:50:06 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m3TJo6bn036503; Tue, 29 Apr 2008 19:50:06 GMT (envelope-from gnats) Resent-Date: Tue, 29 Apr 2008 19:50:06 GMT Resent-Message-Id: <200804291950.m3TJo6bn036503@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Ralf van der Enden Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 273D51065670 for ; Tue, 29 Apr 2008 19:49:48 +0000 (UTC) (envelope-from prvs=0005db3df8=root@cainites.net) Received: from cainites.net (tunnel3563.ipv6.xs4all.nl [IPv6:2001:888:10:deb::2]) by mx1.freebsd.org (Postfix) with ESMTP id C86A68FC1F for ; Tue, 29 Apr 2008 19:49:47 +0000 (UTC) (envelope-from prvs=0005db3df8=root@cainites.net) Received: from root by cainites.net with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1JqvhI-00055E-50 for FreeBSD-gnats-submit@freebsd.org; Tue, 29 Apr 2008 21:41:04 +0200 Message-Id: Date: Tue, 29 Apr 2008 21:41:04 +0200 From: Ralf van der Enden To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/123232: [PATCH] databases/opendbx: update to 1.2.6 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2008 19:50:06 -0000 >Number: 123232 >Category: ports >Synopsis: [PATCH] databases/opendbx: update to 1.2.6 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Apr 29 19:50:06 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Ralf van der Enden >Release: FreeBSD 7.0-RELEASE-p1 i386 >Organization: >Environment: System: FreeBSD lan.cainites.net 7.0-RELEASE-p1 FreeBSD 7.0-RELEASE-p1 #1: Thu Apr 17 10:42:59 CEST 2008 >Description: - Update to 1.2.6 This is a security release! The default implementation of odbx_escape() didn't escape single backslashes which may make the backends providing no own implementation vulnerable to SQL injection attacks. In addition, bugs in the sqlite3 and oracle backends were fixed. Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- opendbx-1.2.6.patch begins here --- diff -ruN --exclude=CVS /usr/ports/databases/opendbx/Makefile /usr/ports/databases/opendbx.new/Makefile --- /usr/ports/databases/opendbx/Makefile 2008-04-29 15:05:36.000000000 +0200 +++ /usr/ports/databases/opendbx.new/Makefile 2008-04-29 21:37:08.000000000 +0200 @@ -6,7 +6,7 @@ # PORTNAME= opendbx -PORTVERSION= 1.2.5 +PORTVERSION= 1.2.6 CATEGORIES= databases MASTER_SITES= http://www.linuxnetworks.de/opendbx/download/ DISTNAME= ${PORTNAME}-${PORTVERSION} @@ -30,8 +30,7 @@ SQLITE "Support for the SQLite 2 database" off \ SQLITE3 "Support for the SQLite 3 database" off \ MSSQL "Support for the MSSQL database" off \ - SYBASE "Support for the Sybase database" off \ - GETTEXT "Support for the gettext library" off + SYBASE "Support for the Sybase database" off .include @@ -89,10 +88,12 @@ PLIST_SUB+= WITHSYBASE="@comment " .endif -.if defined(WITH_GETTEXT) -USE_GETTEXT= YES -.else +.if defined(WITHOUT_NLS) CONFIGURE_ARGS+= --disable-nls +PLIST_SUB+= NLS="@comment " +.else +USE_GETTEXT= yes +PLIST_SUB+= NLS="" .endif .include diff -ruN --exclude=CVS /usr/ports/databases/opendbx/distinfo /usr/ports/databases/opendbx.new/distinfo --- /usr/ports/databases/opendbx/distinfo 2008-04-29 15:05:36.000000000 +0200 +++ /usr/ports/databases/opendbx.new/distinfo 2008-04-29 21:01:48.000000000 +0200 @@ -1,3 +1,3 @@ -MD5 (opendbx-1.2.5.tar.gz) = b671580bb9b06adbfb04530901c7b205 -SHA256 (opendbx-1.2.5.tar.gz) = 1a8b368d3c776f2eaf5efa5e11efb62c56e2c4f5508b9862a115b07d060c9a09 -SIZE (opendbx-1.2.5.tar.gz) = 487026 +MD5 (opendbx-1.2.6.tar.gz) = b7aa2fed7ecee493aad434bfbb72a1e8 +SHA256 (opendbx-1.2.6.tar.gz) = 99367a4d150964112f6deec4f929f18fcf5076fae220cc7c133fc6d99060b8d5 +SIZE (opendbx-1.2.6.tar.gz) = 487528 diff -ruN --exclude=CVS /usr/ports/databases/opendbx/pkg-plist /usr/ports/databases/opendbx.new/pkg-plist --- /usr/ports/databases/opendbx/pkg-plist 2007-03-05 13:17:15.000000000 +0100 +++ /usr/ports/databases/opendbx.new/pkg-plist 2008-04-29 21:11:16.000000000 +0200 @@ -4,6 +4,8 @@ lib/libopendbx.so lib/libopendbx.so.2 libdata/pkgconfig/opendbx.pc +%%NLS%%share/locale/de/LC_MESSAGES/opendbx.mo +%%NLS%%share/locale/en@quot/LC_MESSAGES/opendbx.mo %%WITHPGSQL%%lib/opendbx/libpgsqlbackend.a %%WITHPGSQL%%lib/opendbx/libpgsqlbackend.la %%WITHPGSQL%%lib/opendbx/libpgsqlbackend.so @@ -29,3 +31,7 @@ %%WITHSYBASE%%lib/opendbx/libsybasebackend.so %%WITHSYBASE%%lib/opendbx/libsybasebackend.so.2 @dirrm lib/opendbx +%%NLS%%@dirrmtry share/locale/en@quot/LC_MESSAGES +%%NLS%%@dirrmtry share/locale/en@quot +%%NLS%%@dirrmtry share/locale/de/LC_MESSAGES +%%NLS%%@dirrmtry share/locale/de --- opendbx-1.2.6.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: