From owner-svn-ports-head@freebsd.org Tue May 22 19:30:51 2018 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7AA42EAD202; Tue, 22 May 2018 19:30:51 +0000 (UTC) (envelope-from krion@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 28486860D1; Tue, 22 May 2018 19:30:51 +0000 (UTC) (envelope-from krion@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0972D185BA; Tue, 22 May 2018 19:30:51 +0000 (UTC) (envelope-from krion@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w4MJUo8q092696; Tue, 22 May 2018 19:30:50 GMT (envelope-from krion@FreeBSD.org) Received: (from krion@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w4MJUoZw092657; Tue, 22 May 2018 19:30:50 GMT (envelope-from krion@FreeBSD.org) Message-Id: <201805221930.w4MJUoZw092657@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: krion set sender to krion@FreeBSD.org using -f From: Kirill Ponomarev Date: Tue, 22 May 2018 19:30:50 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r470654 - head/mail/sympa X-SVN-Group: ports-head X-SVN-Commit-Author: krion X-SVN-Commit-Paths: head/mail/sympa X-SVN-Commit-Revision: 470654 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 May 2018 19:30:51 -0000 Author: krion Date: Tue May 22 19:30:50 2018 New Revision: 470654 URL: https://svnweb.freebsd.org/changeset/ports/470654 Log: Security update to 6.2.32 Description: A vulnerability has been discovered in Sympa web interface that allows write access to files on the server filesystem. This flaw allows to create or modify any file writable by the Sympa user, located on the server filesystem, using the function of Sympa web interface template file saving. PR: 227642 Submitted by: maintainer Modified: head/mail/sympa/Makefile head/mail/sympa/distinfo Modified: head/mail/sympa/Makefile ============================================================================== --- head/mail/sympa/Makefile Tue May 22 19:22:58 2018 (r470653) +++ head/mail/sympa/Makefile Tue May 22 19:30:50 2018 (r470654) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= sympa -DISTVERSION= 6.2.30 +DISTVERSION= 6.2.32 CATEGORIES= mail MAINTAINER= dgeo@centrale-marseille.fr Modified: head/mail/sympa/distinfo ============================================================================== --- head/mail/sympa/distinfo Tue May 22 19:22:58 2018 (r470653) +++ head/mail/sympa/distinfo Tue May 22 19:30:50 2018 (r470654) @@ -1,3 +1,3 @@ -TIMESTAMP = 1522755872 -SHA256 (sympa-community-sympa-6.2.30_GH0.tar.gz) = 3613738824c482719461675f93672811ba0618fb53caa5d8e6c9c956bb6d9fb1 -SIZE (sympa-community-sympa-6.2.30_GH0.tar.gz) = 10303628 +TIMESTAMP = 1524158051 +SHA256 (sympa-community-sympa-6.2.32_GH0.tar.gz) = ab3a17826846e74fe222f482aa6ab68fa5349f726dc1700d4512c348ab82807a +SIZE (sympa-community-sympa-6.2.32_GH0.tar.gz) = 10305699