Date: Sat, 7 Mar 2009 12:08:24 +0100 (CET) From: Gerhard Schmidt <estartu@augusta.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/132383: HotFix for vulnerability http://VuXML.FreeBSD.org/34414a1e-e377-11db-b8ab-000c76189c4c.html included Message-ID: <200903071108.n27B8Oc9034431@etustar.starbox.augusta.de> Resent-Message-ID: <200903071200.n27C0HnU032593@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 132383 >Category: ports >Synopsis: HotFix for vulnerability http://VuXML.FreeBSD.org/34414a1e-e377-11db-b8ab-000c76189c4c.html included >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Sat Mar 07 12:00:16 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Gerhard Schmidt <estartu@augusta.de> >Release: FreeBSD 7.1-RELEASE-p3 amd64 >Organization: Augsburger Computer Forum e.V. >Environment: System: FreeBSD etustar.starbox.augusta.de 7.1-RELEASE-p3 FreeBSD 7.1-RELEASE-p3 #0: Fri Feb 27 10:29:29 CET 2009 root@etustar.starbox.augusta.de:/usr/src/sys/amd64/compile/ETUSTAR amd64 >Description: HotFix for vulnerability http://VuXML.FreeBSD.org/34414a1e-e377-11db-b8ab-000c76189c4c.html included The unittests privided with the Hotfix running without error >How-To-Repeat: >Fix: --- Makefile.orig 2009-03-07 12:03:57.000000000 +0100 +++ Makefile 2009-03-07 12:02:26.000000000 +0100 @@ -7,25 +7,22 @@ PORTNAME= zope PORTVERSION= 2.7.9 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www python zope MASTER_SITES= http://www.zope.org/Products/Zope/Zope-${PORTVERSION}/:src \ - http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/:hotfix + http://www.zope.org/Products/Zope/Hotfix-2007-03-20/Hotfix-20070320/:hotfix DISTFILES= Zope-${PORTVERSION}-final.tgz:src \ - ${HOTFIX}.tar.gz:hotfix + ${HOTFIX}.tgz:hotfix MAINTAINER= estartu@augusta.de COMMENT= An object-based web application platform WRKSRC= ${WRKDIR}/Zope-${PORTVERSION}-final -USE_PYTHON= 2.3 +USE_PYTHON= 2.4 USE_RC_SUBR= yes DIST_SUBDIR= zope -HOTFIX= Hotfix_20060821 +HOTFIX= Hotfix_20070320 -FORBIDDEN= contains cross-site scripting vulnerability http://VuXML.FreeBSD.org/34414a1e-e377-11db-b8ab-000c76189c4c.html -DEPRECATED= has been forbidden for more than 6 months -EXPIRATION_DATE=2009-01-19 # Note: the notes that follow reflect the decisions of prior maintainers # of this port. IOW, don't blame me if you don't like the way it's done. --- distinfo.orig 2009-03-07 12:04:12.000000000 +0100 +++ distinfo 2009-03-07 11:32:53.000000000 +0100 @@ -1,6 +1,6 @@ MD5 (zope/Zope-2.7.9-final.tgz) = d44e19ca501f6629375f8f0b40c72e08 SHA256 (zope/Zope-2.7.9-final.tgz) = b3982421dded26e95c8a5a7272365224ba399d552a143a9d457509f11b9d94ab SIZE (zope/Zope-2.7.9-final.tgz) = 2993519 -MD5 (zope/Hotfix_20060821.tar.gz) = 5cb921d15ff6d290bfc73bdc20ff67c1 -SHA256 (zope/Hotfix_20060821.tar.gz) = 6ba5f717cc7443c6182c5b829f2a4228e7c56667d07e2b6fad8323ab1ec850af -SIZE (zope/Hotfix_20060821.tar.gz) = 1050 +MD5 (zope/Hotfix_20070320.tgz) = 0b4cd365d99731e18827ead11400087d +SHA256 (zope/Hotfix_20070320.tgz) = 3b8760301826aba22386a561de48523663fc7840fc11280e2c34163ba4be383a +SIZE (zope/Hotfix_20070320.tgz) = 3805 --- pkg-plist.orig 2009-03-07 12:04:38.000000000 +0100 +++ pkg-plist 2009-03-07 11:56:49.000000000 +0100 @@ -711,10 +711,14 @@ %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/tests/testExternalMethod.pyc %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/version.txt %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/www/function.gif -%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20060821/README.txt -%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20060821/__init__.py -%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20060821/__init__.pyc -%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20060821/version.txt +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/README.txt +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/__init__.py +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/__init__.pyc +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/version.txt +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/tests/__init__.py +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/tests/__init__.pyc +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/tests/test_hotfix.py +%%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/tests/test_hotfix.pyc %%ZOPEBASEDIR%%/lib/python/Products/MIMETools/MIMETag.py %%ZOPEBASEDIR%%/lib/python/Products/MIMETools/MIMETag.pyc %%ZOPEBASEDIR%%/lib/python/Products/MIMETools/README.txt @@ -3104,7 +3108,8 @@ @dirrm %%ZOPEBASEDIR%%/lib/python/Products/MailHost/dtml @dirrm %%ZOPEBASEDIR%%/lib/python/Products/MailHost @dirrm %%ZOPEBASEDIR%%/lib/python/Products/MIMETools -@dirrm %%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20060821 +@dirrm %%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320/tests +@dirrm %%ZOPEBASEDIR%%/lib/python/Products/Hotfix_20070320 @dirrm %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/www @dirrm %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/tests/Extensions @dirrm %%ZOPEBASEDIR%%/lib/python/Products/ExternalMethod/tests >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903071108.n27B8Oc9034431>