Date: Fri, 28 Nov 2003 08:11:46 +0800 From: "Kang Liu" <liukang@bjpu.edu.cn> To: <FreeBSD-gnats-submit@FreeBSD.org> Subject: ports/59741: [maintainer update]Fix Potential security issue with search in phpbb Message-ID: <004801c3b544$3679ee70$e04e70ca@bjpu.edu.cn> Resent-Message-ID: <200311280020.hAS0KE7w073995@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 59741 >Category: ports >Synopsis: [maintainer update]Fix Potential security issue with search in phpbb >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Nov 27 16:20:13 PST 2003 >Closed-Date: >Last-Modified: >Originator: Kang Liu >Release: FreeBSD 4.9-RELEASE i386 >Organization: Beijing University of Technology >Environment: System: FreeBSD 4.9-RELEASE >Description: The phpbb developers just released a announcement about potential security issue with search: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=153818 They updated the src-pack but didn't change the version number. I know the port freeze has begun, but this problem seems serious, and all src-packs have been updated, phpbb is borken(checksum) now. As Joe Marcus Clarke said in PR:56706, All build fixes do not need portmgr approval. Can anyone commit it? >How-To-Repeat: run make at ports/www/phpbb >Fix: --- distinfo.orig Thu Sep 18 02:14:52 2003 +++ distinfo Fri Nov 28 07:54:56 2003 @@ -1 +1 @@ -MD5 (phpBB-2.0.6.tar.bz2) = ee73baaac8f2f72c2a1d879ea811bd07 +MD5 (phpBB-2.0.6.tar.bz2) = 6574f13e2c7b66fda4faf1b2ddacae48 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004801c3b544$3679ee70$e04e70ca>