Date: Fri, 23 Mar 2007 21:33:03 GMT From: Yasushi Hayashi<yasi@yasi.to> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/110733: [maintainer update] www/zope210 update to fix vulnerability Message-ID: <200703232133.l2NLX3ta080064@www.freebsd.org> Resent-Message-ID: <200703232140.l2NLe3q7018679@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 110733 >Category: ports >Synopsis: [maintainer update] www/zope210 update to fix vulnerability >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Mar 23 21:40:03 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Yasushi Hayashi >Release: FreeBSD 6.2-STABLE i386 >Organization: >Environment: System: FreeBSD www.yasi.to 6.2-STABLE FreeBSD 6.2-STABLE #1: Sat Feb 10 09:05:27 JST 2007 root@www.yasi.to:/usr/obj/usr/src/sys/GENERIC i386 >Description: In March 20,2007, Zope.org released hotfix for cross-site scripting vulnerability. See: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view This PR upgrade www/zope210. >How-To-Repeat: >Fix: Patch attached with submission follows: diff -urN /usr/ports/www/zope210.old/Makefile /usr/ports/www/zope210/Makefile --- /usr/ports/www/zope210.old/Makefile Sat Jan 27 10:39:17 2007 +++ /usr/ports/www/zope210/Makefile Thu Mar 22 21:34:03 2007 @@ -7,10 +7,14 @@ PORTNAME= zope210 PORTVERSION= 2.10.2 +PORTREVISION= 1 CATEGORIES= www python zope -MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ +MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ \ + http://www.zope.org/Products/Zope/Hotfix-2007-03-20/Hotfix-20070320/:hotfix DISTNAME= Zope-${PORTVERSION} EXTRACT_SUFX= .tgz +DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \ + Hotfix_20070320.tgz:hotfix DIST_SUBDIR= zope MAINTAINER= yasi@yasi.to @@ -75,6 +79,7 @@ post-build: -@${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py ${WRKSRC}/ + -@${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py ${WRKDIR}/Hotfix_20070320/ post-install: ${MV} ${ZOPEBASEDIR}/skel/etc/zope.conf.in \ @@ -83,6 +88,7 @@ ${MKDIR} ${ZOPEBASEDIR}/Products ${CP} ${FILESDIR}/Products_00readme-freebsd.txt \ ${ZOPEBASEDIR}/Products/00readme-freebsd.txt + ${CP} -R ${WRKDIR}/Hotfix_20070320 ${ZOPEBASEDIR}/Products/ ${FIND} ${ZOPEBASEDIR} -type f -print0 | ${XARGS} -0 -- ${CHMOD} a-w+r diff -urN /usr/ports/www/zope210.old/distinfo /usr/ports/www/zope210/distinfo --- /usr/ports/www/zope210.old/distinfo Fri Jan 26 22:24:23 2007 +++ /usr/ports/www/zope210/distinfo Thu Mar 22 21:19:55 2007 @@ -1,3 +1,6 @@ MD5 (zope/Zope-2.10.2.tgz) = 4f4e2afe23c19def16ba43db4b6252cb SHA256 (zope/Zope-2.10.2.tgz) = f08887f2f3a3225a47427814fd7ff99603a1fb0f905df68306792a1cc486d94b SIZE (zope/Zope-2.10.2.tgz) = 7089784 +MD5 (zope/Hotfix_20070320.tgz) = 0b4cd365d99731e18827ead11400087d +SHA256 (zope/Hotfix_20070320.tgz) = 3b8760301826aba22386a561de48523663fc7840fc11280e2c34163ba4be383a +SIZE (zope/Hotfix_20070320.tgz) = 3805 diff -urN /usr/ports/www/zope210.old/pkg-plist /usr/ports/www/zope210/pkg-plist --- /usr/ports/www/zope210.old/pkg-plist Fri Jan 26 22:52:55 2007 +++ /usr/ports/www/zope210/pkg-plist Thu Mar 22 21:43:44 2007 @@ -1,4 +1,12 @@ %%ZOPEBASEDIR%%/Products/00readme-freebsd.txt +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/README.txt +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/__init__.py +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/__init__.pyc +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/__init__.py +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/__init__.pyc +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/test_hotfix.py +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/test_hotfix.pyc +%%ZOPEBASEDIR%%/Products/Hotfix_20070320/version.txt %%ZOPEBASEDIR%%/bin/README.txt %%ZOPEBASEDIR%%/bin/analyze.py %%ZOPEBASEDIR%%/bin/analyze.pyc @@ -9854,5 +9862,7 @@ @dirrm %%ZOPEBASEDIR%%/skel/etc/package-includes @dirrm %%ZOPEBASEDIR%%/skel/etc @dirrm %%ZOPEBASEDIR%%/skel +@dirrm %%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests +@dirrm %%ZOPEBASEDIR%%/Products/Hotfix_20070320 @dirrmtry %%ZOPEBASEDIR%%/Products @dirrmtry %%ZOPEBASEDIR%% >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200703232133.l2NLX3ta080064>