From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Nov 28 18:30:03 2008 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D94131065675 for ; Fri, 28 Nov 2008 18:30:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B5B5E8FC1F for ; Fri, 28 Nov 2008 18:30:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id mASIU3Th029231 for ; Fri, 28 Nov 2008 18:30:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id mASIU3x0029228; Fri, 28 Nov 2008 18:30:03 GMT (envelope-from gnats) Resent-Date: Fri, 28 Nov 2008 18:30:03 GMT Resent-Message-Id: <200811281830.mASIU3x0029228@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Antoine Beaupre Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1AC04106567B for ; Fri, 28 Nov 2008 18:26:25 +0000 (UTC) (envelope-from anarcat@lethe.koumbit.net) Received: from bureau.koumbit.net (lb.koumbit.net [209.44.112.66]) by mx1.freebsd.org (Postfix) with ESMTP id D38E58FC20 for ; Fri, 28 Nov 2008 18:26:24 +0000 (UTC) (envelope-from anarcat@lethe.koumbit.net) Received: from lethe.koumbit.net (modemcable028.26-70-69.static.videotron.ca [69.70.26.28]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by bureau.koumbit.net (Postfix) with ESMTP id CD63729BB3 for ; Fri, 28 Nov 2008 13:03:46 -0500 (EST) Received: by lethe.koumbit.net (Postfix, from userid 1000) id 729221706F; Fri, 28 Nov 2008 13:03:46 -0500 (EST) Message-Id: <20081128180346.729221706F@lethe.koumbit.net> Date: Fri, 28 Nov 2008 13:03:46 -0500 (EST) From: Antoine Beaupre To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/129262: upgrade of ledgersmb12 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Antoine Beaupre List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2008 18:30:03 -0000 >Number: 129262 >Category: ports >Synopsis: upgrade of ledgersmb12 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Nov 28 18:30:03 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Antoine Beaupre >Release: FreeBSD 6.3-RELEASE-p1 i386 >Organization: Koumbit >Environment: System: FreeBSD lethe.koumbit.net 6.3-RELEASE-p1 FreeBSD 6.3-RELEASE-p1 #1: Mon Mar 24 16:30:04 EDT 2008 anarcat@lethe.koumbit.net:/usr/obj/usr/src/sys/LETHE6 i386 >Description: The attached patch upgrades the ledgersmb12 port to 1.2.17. Note that all ledgersmb versions before 1.2.15 are vulnerable to various security issues. I'm not sure how to fit this in the portaudit stuff... See: http://ledgersmb.org/node/70 Also note that the ledgersmb port can probably be retired (in favour of the ledgersmb12 port). >How-To-Repeat: >Fix: Note that I have brought back the dependencies that were removed in the latest update. diff -ru ledgersmb12/Makefile ledgersmb12.svn/Makefile --- ledgersmb12/Makefile 2008-11-28 13:00:14.000000000 -0500 +++ ledgersmb12.svn/Makefile 2008-11-28 12:54:01.000000000 -0500 @@ -6,14 +6,16 @@ # PORTNAME= ledgersmb -PORTVERSION= 1.2.13 +PORTVERSION= 1.2.17 CATEGORIES= finance perl5 MASTER_SITES= SF/ledger-smb MAINTAINER= anarcat@anarcat.ath.cx COMMENT= A double entry accounting system -BUILD_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/DBD/Pg.pm:${PORTSDIR}/databases/p5-DBD-Pg +BUILD_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/DBD/Pg.pm:${PORTSDIR}/databases/p5-DBD-Pg \ + ${SITE_PERL}/MIME/Lite.pm:${PORTSDIR}/mail/p5-MIME-Lite \ + ${SITE_PERL}/Config/Std.pm:${PORTSDIR}/devel/p5-Config-Std RUN_DEPENDS= ${BUILD_DEPENDS} LATEST_LINK= ledgersmb12 diff -ru ledgersmb12/distinfo ledgersmb12.svn/distinfo --- ledgersmb12/distinfo 2008-06-22 18:57:09.000000000 -0400 +++ ledgersmb12.svn/distinfo 2008-11-28 12:51:59.000000000 -0500 @@ -1,3 +1,3 @@ -MD5 (ledgersmb-1.2.13.tar.gz) = 930b60b322b654fd2d7145b2b4cd2d50 -SHA256 (ledgersmb-1.2.13.tar.gz) = 70028bc77768566e0fe5c0fee3663018adc1ce78f6c84b208b0719359984388b -SIZE (ledgersmb-1.2.13.tar.gz) = 3162173 +MD5 (ledgersmb-1.2.17.tar.gz) = 472343a79ee15dd8050cc26a2cc53ebe +SHA256 (ledgersmb-1.2.17.tar.gz) = 52efd333f94f45bb8c9a8a98244efea28701e27857a9eb728bafbeee9fe5c9c6 +SIZE (ledgersmb-1.2.17.tar.gz) = 3165948 >Release-Note: >Audit-Trail: >Unformatted: