From owner-freebsd-ports-bugs@FreeBSD.ORG  Mon Oct 10 09:30:18 2005
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
X-Original-To: freebsd-ports-bugs@hub.freebsd.org
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 668B716A41F
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Mon, 10 Oct 2005 09:30:18 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9491243D55
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Mon, 10 Oct 2005 09:30:17 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j9A9UHs1039043
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Mon, 10 Oct 2005 09:30:17 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j9A9UHZh039042;
	Mon, 10 Oct 2005 09:30:17 GMT (envelope-from gnats)
Resent-Date: Mon, 10 Oct 2005 09:30:17 GMT
Resent-Message-Id: <200510100930.j9A9UHZh039042@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Denis Shaposhnikov <dsh@vlink.ru>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 02EA816A41F
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Oct 2005 09:20:35 +0000 (GMT)
	(envelope-from dsh@neva.vlink.ru)
Received: from deliver.smtp.vlink.ru (alias.rigel.internal.vlink.ru
	[217.23.88.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0FDB143D46
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Oct 2005 09:20:34 +0000 (GMT)
	(envelope-from dsh@neva.vlink.ru)
Received: from smtp.smtp.vlink.ru (clamav.smtp.vlink.ru [192.168.4.1])
	by deliver.smtp.vlink.ru (Postfix) with ESMTP id BD1E1453B3
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Oct 2005 13:20:32 +0400 (MSD)
Received: from neva.vlink.ru (neva.vlink.ru [217.107.252.29])
	by smtp.smtp.vlink.ru (Postfix) with ESMTP id 749AA4510D
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Oct 2005 13:20:32 +0400 (MSD)
Received: from neva.vlink.ru (localhost [127.0.0.1])
	by neva.vlink.ru (8.13.4/8.13.4) with ESMTP id j9A9KUnA009533;
	Mon, 10 Oct 2005 13:20:30 +0400 (MSD)
	(envelope-from dsh@neva.vlink.ru)
Received: (from dsh@localhost)
	by neva.vlink.ru (8.13.4/8.13.4/Submit) id j9A9KUAh009530;
	Mon, 10 Oct 2005 13:20:30 +0400 (MSD) (envelope-from dsh)
Message-Id: <200510100920.j9A9KUAh009530@neva.vlink.ru>
Date: Mon, 10 Oct 2005 13:20:30 +0400 (MSD)
From: Denis Shaposhnikov <dsh@vlink.ru>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: dsh@neva.vlink.ru
Subject: ports/87198: update port: www/zope28 (Hotfix 2005-10-09 Alert)
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Denis Shaposhnikov <dsh@vlink.ru>
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Oct 2005 09:30:18 -0000


>Number:         87198
>Category:       ports
>Synopsis:       update port: www/zope28 (Hotfix 2005-10-09 Alert)
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 10 09:30:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Denis Shaposhnikov
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #21: Sun Aug 14 15:59:53 MSD 2005 dsh@neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/NEVA i386


	
>Description:

Hotfix 2005-10-09 Alert
This hotfix addresses an important security issue that affects users of Zope
versions 2.6 or higher.

This hotfix resolves a security issue with docutils.

Affected are possibly all Zope instances that expose RestructuredText
functionalies to untrusted users through the web.

>How-To-Repeat:
	
>Fix:

diff -Nru zope28.orig/Makefile zope28/Makefile
--- zope28.orig/Makefile	Mon Oct 10 13:17:18 2005
+++ zope28/Makefile	Mon Oct 10 13:15:26 2005
@@ -7,12 +7,16 @@
 
 PORTNAME=	zope
 PORTVERSION=	2.8.1
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	www python zope
-MASTER_SITES=	http://www.zope.org/Products/Zope/${PORTVERSION}/
+MASTER_SITES=	http://www.zope.org/Products/Zope/${PORTVERSION}/ \
+		http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert/:hotfix_20051009
 DISTNAME=	Zope-${PORTVERSION}-final
 EXTRACT_SUFX=	.tgz
+DISTFILES=	${DISTNAME}${EXTRACT_SUFX} \
+		Hotfix_2005-10-09.tar.gz:hotfix_20051009
 DIST_SUBDIR=	zope
+EXTRACT_ONLY=	${DISTNAME}${EXTRACT_SUFX}
 
 MAINTAINER=	dsh@vlink.ru
 COMMENT=	An object-based web application platform
@@ -60,6 +64,9 @@
 .else
 ISBATCH=	""
 .endif
+
+pre-patch:
+	${TAR} xzf ${DISTDIR}/${DIST_SUBDIR}/Hotfix_2005-10-09.tar.gz -C ${WRKSRC}/lib/python
 
 post-patch:
 	${REINPLACE_CMD} \
diff -Nru zope28.orig/distinfo zope28/distinfo
--- zope28.orig/distinfo	Mon Oct 10 13:17:18 2005
+++ zope28/distinfo	Mon Oct 10 11:20:57 2005
@@ -1,2 +1,4 @@
 MD5 (zope/Zope-2.8.1-final.tgz) = 0ec441a35175bb8d8c557b7d3c63f6f6
 SIZE (zope/Zope-2.8.1-final.tgz) = 5343921
+MD5 (zope/Hotfix_2005-10-09.tar.gz) = 607b2f4fa702d6e41f0bf960ec41979e
+SIZE (zope/Hotfix_2005-10-09.tar.gz) = 265673
diff -Nru zope28.orig/pkg-plist zope28/pkg-plist
--- zope28.orig/pkg-plist	Mon Oct 10 13:17:18 2005
+++ zope28/pkg-plist	Mon Oct 10 13:02:45 2005
@@ -3100,6 +3100,8 @@
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/__init__.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/af.py
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/af.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/ca.py
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/ca.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/cs.py
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/cs.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/de.py
@@ -3116,6 +3118,8 @@
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/fr.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/it.py
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/it.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/nl.py
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/nl.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/pt_br.py
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/pt_br.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/languages/ru.py
@@ -3132,6 +3136,7 @@
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/__init__.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/__init__.py
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/__init__.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/.misc.py.swo
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/__init__.py
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/__init__.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/admonitions.py
@@ -3154,6 +3159,8 @@
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/__init__.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/af.py
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/af.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/ca.py
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/ca.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/cs.py
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/cs.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/de.py
@@ -3170,6 +3177,8 @@
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/fr.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/it.py
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/it.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/nl.py
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/nl.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/pt_br.py
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/pt_br.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/ru.py
@@ -3230,6 +3239,10 @@
 %%ZOPEBASEDIR%%/lib/python/docutils/writers/html4css1.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/writers/latex2e.py
 %%ZOPEBASEDIR%%/lib/python/docutils/writers/latex2e.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/newlatex2e.py
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/newlatex2e.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/null.py
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/null.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/writers/pep_html.py
 %%ZOPEBASEDIR%%/lib/python/docutils/writers/pep_html.pyc
 %%ZOPEBASEDIR%%/lib/python/docutils/writers/pseudoxml.py
>Release-Note:
>Audit-Trail:
>Unformatted: