From owner-svn-ports-head@FreeBSD.ORG Thu Nov 29 20:33:20 2012 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C971C2AA; Thu, 29 Nov 2012 20:33:20 +0000 (UTC) (envelope-from ohauer@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id A41798FC15; Thu, 29 Nov 2012 20:33:20 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qATKXKts051011; Thu, 29 Nov 2012 20:33:20 GMT (envelope-from ohauer@svn.freebsd.org) Received: (from ohauer@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qATKXKpS051007; Thu, 29 Nov 2012 20:33:20 GMT (envelope-from ohauer@svn.freebsd.org) Message-Id: <201211292033.qATKXKpS051007@svn.freebsd.org> From: Olli Hauer Date: Thu, 29 Nov 2012 20:33:20 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r307978 - in head: security/vuxml www/yahoo-ui X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Nov 2012 20:33:21 -0000 Author: ohauer Date: Thu Nov 29 20:33:19 2012 New Revision: 307978 URL: http://svnweb.freebsd.org/changeset/ports/307978 Log: www/yahoo-ui - fix CVE-2012-5881 security/vuxml - adjust version (we have only 2.8.2 in the tree) Feature safe: yes Approved by: glarkin (maintainer) explicit Modified: head/security/vuxml/vuln.xml head/www/yahoo-ui/Makefile (contents, props changed) head/www/yahoo-ui/distinfo (contents, props changed) Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Nov 29 19:45:24 2012 (r307977) +++ head/security/vuxml/vuln.xml Thu Nov 29 20:33:19 2012 (r307978) @@ -56,7 +56,7 @@ Note: Please add new entries to the beg yahoo-ui - 3.0.0 + 2.8.2 @@ -82,7 +82,7 @@ Note: Please add new entries to the beg 2012-10-30 2012-11-27 - 2012-11-28 + 2012-11-29 Modified: head/www/yahoo-ui/Makefile ============================================================================== --- head/www/yahoo-ui/Makefile Thu Nov 29 19:45:24 2012 (r307977) +++ head/www/yahoo-ui/Makefile Thu Nov 29 20:33:19 2012 (r307978) @@ -1,19 +1,22 @@ # $FreeBSD$ PORTNAME= yahoo -PORTVERSION= 2.8.2 +DISTVERSION= 2.8.2 +PORTREVISION= 1 CATEGORIES= www -MASTER_SITES= http://yuilibrary.com/downloads/yui2/ +MASTER_SITES= http://yuilibrary.com/downloads/yui2/:main \ + http://yuilibrary.com/support/20121030-vulnerability/dropin_patches/:patch PKGNAMESUFFIX= -ui -DISTNAME= yui_${PORTVERSION}r1 +DISTFILES= yui_${DISTVERSION}r1.zip:main \ + charts-${DISTVERSION:S/.//g}.zip:patch \ + swfstore-${DISTVERSION:S/.//g}.zip:patch \ + uploader-${DISTVERSION:S/.//g}.zip:patch MAINTAINER= glarkin@FreeBSD.org COMMENT= The Yahoo! User Interface (YUI) Library LICENSE= BSD -FORBIDDEN= CVE-2012-5881 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure - USE_ZIP= yes WRKSRC= ${WRKDIR}/yui @@ -53,6 +56,17 @@ SUB_LIST+= HASHMARK2= PLIST_SUB+= NOAPACHE="@comment " .endif +pre-patch: + @${FIND} ${WRKSRC} -type f \( -name charts.swf -o -name swfstore.swf -o -name uploader.swf \) -delete + +post-patch: .SILENT + ${INSTALL_DATA} ${WRKDIR}/charts-${DISTVERSION:S/.//g}/charts.swf ${WRKSRC}/build/charts/assets/charts.swf + ${INSTALL_DATA} ${WRKDIR}/swfstore-${DISTVERSION:S/.//g}/swfstore.swf ${WRKSRC}/build/swfstore/swfstore.swf + ${INSTALL_DATA} ${WRKDIR}/swfstore-${DISTVERSION:S/.//g}/swfstore.swf ${WRKSRC}/examples/storage/swfstore.swf + ${INSTALL_DATA} ${WRKDIR}/swfstore-${DISTVERSION:S/.//g}/swfstore.swf ${WRKSRC}/examples/swfstore/swfstore.swf + ${INSTALL_DATA} ${WRKDIR}/uploader-${DISTVERSION:S/.//g}/uploader.swf ${WRKSRC}/build/uploader/assets/uploader.swf + ${INSTALL_DATA} ${WRKDIR}/uploader-${DISTVERSION:S/.//g}/uploader.swf ${WRKSRC}/examples/uploader/assets/uploader.swf + do-install: @cd ${WRKSRC} && ${COPYTREE_SHARE} "assets build index.html \ tests" ${WWWDIR} Modified: head/www/yahoo-ui/distinfo ============================================================================== --- head/www/yahoo-ui/distinfo Thu Nov 29 19:45:24 2012 (r307977) +++ head/www/yahoo-ui/distinfo Thu Nov 29 20:33:19 2012 (r307978) @@ -1,2 +1,8 @@ SHA256 (yui_2.8.2r1.zip) = 45ef73ca1956af72006ed07daa670bd552c2bccb6c25d8bd7fcf82054277c67c SIZE (yui_2.8.2r1.zip) = 13627195 +SHA256 (charts-282.zip) = 43b9085a4e3406c7fd49c32cf4f27487edd23596a31c65ce24e0dbdd466e719d +SIZE (charts-282.zip) = 81636 +SHA256 (swfstore-282.zip) = 8a2b91dc76e49165be71b79f5567325719e80562c78d2812a4f879350920b162 +SIZE (swfstore-282.zip) = 5042 +SHA256 (uploader-282.zip) = 6c7dd6c6379e571f6d3efb3f978c429b3763adddc9fdd3c94b06830b988bc251 +SIZE (uploader-282.zip) = 7440