Date: Fri, 20 Jun 2014 22:03:02 +0000 (UTC) From: Matthew Seaman <matthew@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r358641 - head/databases/phpmyadmin Message-ID: <201406202203.s5KM32qU057743@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: matthew Date: Fri Jun 20 22:03:01 2014 New Revision: 358641 URL: http://svnweb.freebsd.org/changeset/ports/358641 QAT: https://qat.redports.org/buildarchive/r358641/ Log: Security update to 4.2.4 - while here switch plist to use @sample The advisories: PMASA-2014-2 and PMASA-2014-3, have not been published yet, so there is very little concrete information about what the security problems are. About all there is comes from the change log, where the security issues are listed as: - bug #4464 [security] XSS injection due to unescaped db/table name in navigation hiding - bug #4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables ChaneLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view MFH: 2014Q2 Modified: head/databases/phpmyadmin/Makefile head/databases/phpmyadmin/distinfo head/databases/phpmyadmin/pkg-plist-chunk Modified: head/databases/phpmyadmin/Makefile ============================================================================== --- head/databases/phpmyadmin/Makefile Fri Jun 20 21:54:10 2014 (r358640) +++ head/databases/phpmyadmin/Makefile Fri Jun 20 22:03:01 2014 (r358641) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= phpMyAdmin -DISTVERSION= 4.2.3 -PORTREVISION= 1 +DISTVERSION= 4.2.4 CATEGORIES= databases www MASTER_SITES= SF/${PORTNAME:tl}/${PORTNAME}/${DISTVERSION} DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages Modified: head/databases/phpmyadmin/distinfo ============================================================================== --- head/databases/phpmyadmin/distinfo Fri Jun 20 21:54:10 2014 (r358640) +++ head/databases/phpmyadmin/distinfo Fri Jun 20 22:03:01 2014 (r358641) @@ -1,2 +1,2 @@ -SHA256 (phpMyAdmin-4.2.3-all-languages.tar.xz) = 0d96a4009494ef3a6f6b6dc2ca049251945b60350df99b72700c90850f05af48 -SIZE (phpMyAdmin-4.2.3-all-languages.tar.xz) = 5092112 +SHA256 (phpMyAdmin-4.2.4-all-languages.tar.xz) = aebcd7cfabd4993405340ecb2b76ce0cb4ab345a817ae7c371a830e22b2c2513 +SIZE (phpMyAdmin-4.2.4-all-languages.tar.xz) = 5176840 Modified: head/databases/phpmyadmin/pkg-plist-chunk ============================================================================== --- head/databases/phpmyadmin/pkg-plist-chunk Fri Jun 20 21:54:10 2014 (r358640) +++ head/databases/phpmyadmin/pkg-plist-chunk Fri Jun 20 22:03:01 2014 (r358641) @@ -1,7 +1,5 @@ @mode 640 @group %%PMA_GRP%% -@unexec if cmp -s %D/%%WWWDIR%%/config.inc.php.sample %D/%%WWWDIR%%/config.inc.php ; then rm -f %D/%%WWWDIR%%/config.inc.php ; fi -%%WWWDIR%%/config.inc.php.sample -@exec [ ! -f %B/config.inc.php ] && cp -p %B/%f %B/config.inc.php || true +@sample %%WWWDIR%%/config.inc.php.sample @mode @group
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201406202203.s5KM32qU057743>