Date: Thu, 29 Nov 2012 20:33:20 +0000 (UTC) From: Olli Hauer <ohauer@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r307978 - in head: security/vuxml www/yahoo-ui Message-ID: <201211292033.qATKXKpS051007@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ohauer Date: Thu Nov 29 20:33:19 2012 New Revision: 307978 URL: http://svnweb.freebsd.org/changeset/ports/307978 Log: www/yahoo-ui - fix CVE-2012-5881 security/vuxml - adjust version (we have only 2.8.2 in the tree) Feature safe: yes Approved by: glarkin (maintainer) explicit Modified: head/security/vuxml/vuln.xml head/www/yahoo-ui/Makefile (contents, props changed) head/www/yahoo-ui/distinfo (contents, props changed) Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Nov 29 19:45:24 2012 (r307977) +++ head/security/vuxml/vuln.xml Thu Nov 29 20:33:19 2012 (r307978) @@ -56,7 +56,7 @@ Note: Please add new entries to the beg <affects> <package> <name>yahoo-ui</name> - <range><lt>3.0.0</lt></range> + <range><le>2.8.2</le></range> </package> </affects> <description> @@ -82,7 +82,7 @@ Note: Please add new entries to the beg <dates> <discovery>2012-10-30</discovery> <entry>2012-11-27</entry> - <modified>2012-11-28</modified> + <modified>2012-11-29</modified> </dates> </vuln> Modified: head/www/yahoo-ui/Makefile ============================================================================== --- head/www/yahoo-ui/Makefile Thu Nov 29 19:45:24 2012 (r307977) +++ head/www/yahoo-ui/Makefile Thu Nov 29 20:33:19 2012 (r307978) @@ -1,19 +1,22 @@ # $FreeBSD$ PORTNAME= yahoo -PORTVERSION= 2.8.2 +DISTVERSION= 2.8.2 +PORTREVISION= 1 CATEGORIES= www -MASTER_SITES= http://yuilibrary.com/downloads/yui2/ +MASTER_SITES= http://yuilibrary.com/downloads/yui2/:main \ + http://yuilibrary.com/support/20121030-vulnerability/dropin_patches/:patch PKGNAMESUFFIX= -ui -DISTNAME= yui_${PORTVERSION}r1 +DISTFILES= yui_${DISTVERSION}r1.zip:main \ + charts-${DISTVERSION:S/.//g}.zip:patch \ + swfstore-${DISTVERSION:S/.//g}.zip:patch \ + uploader-${DISTVERSION:S/.//g}.zip:patch MAINTAINER= glarkin@FreeBSD.org COMMENT= The Yahoo! User Interface (YUI) Library LICENSE= BSD -FORBIDDEN= CVE-2012-5881 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure - USE_ZIP= yes WRKSRC= ${WRKDIR}/yui @@ -53,6 +56,17 @@ SUB_LIST+= HASHMARK2= PLIST_SUB+= NOAPACHE="@comment " .endif +pre-patch: + @${FIND} ${WRKSRC} -type f \( -name charts.swf -o -name swfstore.swf -o -name uploader.swf \) -delete + +post-patch: .SILENT + ${INSTALL_DATA} ${WRKDIR}/charts-${DISTVERSION:S/.//g}/charts.swf ${WRKSRC}/build/charts/assets/charts.swf + ${INSTALL_DATA} ${WRKDIR}/swfstore-${DISTVERSION:S/.//g}/swfstore.swf ${WRKSRC}/build/swfstore/swfstore.swf + ${INSTALL_DATA} ${WRKDIR}/swfstore-${DISTVERSION:S/.//g}/swfstore.swf ${WRKSRC}/examples/storage/swfstore.swf + ${INSTALL_DATA} ${WRKDIR}/swfstore-${DISTVERSION:S/.//g}/swfstore.swf ${WRKSRC}/examples/swfstore/swfstore.swf + ${INSTALL_DATA} ${WRKDIR}/uploader-${DISTVERSION:S/.//g}/uploader.swf ${WRKSRC}/build/uploader/assets/uploader.swf + ${INSTALL_DATA} ${WRKDIR}/uploader-${DISTVERSION:S/.//g}/uploader.swf ${WRKSRC}/examples/uploader/assets/uploader.swf + do-install: @cd ${WRKSRC} && ${COPYTREE_SHARE} "assets build index.html \ tests" ${WWWDIR} Modified: head/www/yahoo-ui/distinfo ============================================================================== --- head/www/yahoo-ui/distinfo Thu Nov 29 19:45:24 2012 (r307977) +++ head/www/yahoo-ui/distinfo Thu Nov 29 20:33:19 2012 (r307978) @@ -1,2 +1,8 @@ SHA256 (yui_2.8.2r1.zip) = 45ef73ca1956af72006ed07daa670bd552c2bccb6c25d8bd7fcf82054277c67c SIZE (yui_2.8.2r1.zip) = 13627195 +SHA256 (charts-282.zip) = 43b9085a4e3406c7fd49c32cf4f27487edd23596a31c65ce24e0dbdd466e719d +SIZE (charts-282.zip) = 81636 +SHA256 (swfstore-282.zip) = 8a2b91dc76e49165be71b79f5567325719e80562c78d2812a4f879350920b162 +SIZE (swfstore-282.zip) = 5042 +SHA256 (uploader-282.zip) = 6c7dd6c6379e571f6d3efb3f978c429b3763adddc9fdd3c94b06830b988bc251 +SIZE (uploader-282.zip) = 7440
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211292033.qATKXKpS051007>