Date: Thu, 7 May 2020 20:04:23 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r534286 - head/mail/mailman Message-ID: <202005072004.047K4NNf050682@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Thu May 7 20:04:23 2020 New Revision: 534286 URL: https://svnweb.freebsd.org/changeset/ports/534286 Log: mail/mailman: security update to 2.1.33 Fixing another content injection vulnerability, this time via private archive login if the list's roster visibility (private_roster) setting is 'Anyone'. https://bugs.launchpad.net/mailman/+bug/1877379 https://launchpadlibrarian.net/478684932/private.diff https://mail.python.org/archives/list/mailman-developers@python.org/thread/SYBIZ3MNSQZLKN6PVKO7ZKR7QMOBMS45/ Security: 88760f4d-8ef7-11ea-a66d-4b2ef158be83 Modified: head/mail/mailman/Makefile head/mail/mailman/distinfo Modified: head/mail/mailman/Makefile ============================================================================== --- head/mail/mailman/Makefile Thu May 7 20:02:24 2020 (r534285) +++ head/mail/mailman/Makefile Thu May 7 20:04:23 2020 (r534286) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= mailman -DISTVERSION= 2.1.32 +DISTVERSION= 2.1.33 PORTREVISION= 0 CATEGORIES= mail MASTER_SITES= GNU \ @@ -128,11 +128,11 @@ MAIL_GID?= _smtpd PKGNAMESUFFIX+= -with-htdig # how to create PATCHFILES: #X identify what is the version of msapiro's patches corresponding to the release. -#X fetch http://bazaar.launchpad.net/~msapiro/mailman/htdig/tarball/1814 +#X fetch http://bazaar.launchpad.net/~msapiro/mailman/htdig/tarball/1815 #X unpack this tarball, and the original distfile -#X diff -NEur original-unpack bazaar-unpack | xz --best -c >msapiro-htdig-1814.patch.xz +#X diff -NEur original-unpack bazaar-unpack | xz --best -c >msapiro-htdig-1815.patch.xz #X upload the latter with mode 0644 or similar to freefall's public_distfiles/ directory -_HTDIGREV= 1814 +_HTDIGREV= 1815 PATCHFILES+= msapiro-htdig-${_HTDIGREV}.patch.xz RUN_DEPENDS+= htdig:textproc/htdig PLIST_SUB+= SUB_HTDIG="" Modified: head/mail/mailman/distinfo ============================================================================== --- head/mail/mailman/distinfo Thu May 7 20:02:24 2020 (r534285) +++ head/mail/mailman/distinfo Thu May 7 20:04:23 2020 (r534286) @@ -1,5 +1,5 @@ -TIMESTAMP = 1588720179 -SHA256 (mailman/mailman-2.1.32.tgz) = 3755322b23cb41cd726407658dc1ae0d2dcc9887c9239945491a551933505e5d -SIZE (mailman/mailman-2.1.32.tgz) = 9413055 -SHA256 (mailman/msapiro-htdig-1814.patch.xz) = 91c69185f06e2d581d5a4429e678b740074016511557dae4aa5ee7ded0be349c -SIZE (mailman/msapiro-htdig-1814.patch.xz) = 50400 +TIMESTAMP = 1588881655 +SHA256 (mailman/mailman-2.1.33.tgz) = 6d7e81753c78120f479a275ea623194cac188a3daf301eb76aa9d39a942d5234 +SIZE (mailman/mailman-2.1.33.tgz) = 9412979 +SHA256 (mailman/msapiro-htdig-1815.patch.xz) = 740aeb99b1e25706ad32bd73ac2035f758b5ec566856d6816aed76496931563b +SIZE (mailman/msapiro-htdig-1815.patch.xz) = 50408
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202005072004.047K4NNf050682>