diff options
| author | spz <spz@pkgsrc.org> | 2018-05-06 09:29:50 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2018-05-06 09:29:50 +0000 |
| commit | c6e4671d0dad8fa62a8d272d699ab74f653d6310 (patch) | |
| tree | 88f96648a0325401a222b4e2505a04f9e2d9135c | |
| parent | 70e30f9e434747f51b288d6f2ad2f2c17968a39e (diff) | |
| download | pkgsrc-c6e4671d0dad8fa62a8d272d699ab74f653d6310.tar.gz | |
Pullup ticket #5743 - requested by taca
www/contao35: security update
Revisions pulled up:
- www/contao35/Makefile 1.39
- www/contao35/distinfo 1.31
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Apr 23 14:00:18 UTC 2018
Modified Files:
pkgsrc/www/contao35: Makefile distinfo
Log Message:
www/contao35: update to 3.5.35
Version 3.5.35 (2018-04-18)
---------------------------
### Fixed
Fix an XSS vulnerability in the system log (see CVE-2018-10125).
CVE-2018-10125
With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log. The attacker themselves
does not have to be logged in.
The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/contao35/Makefile
cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/contao35/distinfo
| -rw-r--r-- | www/contao35/Makefile | 4 | ||||
| -rw-r--r-- | www/contao35/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/www/contao35/Makefile b/www/contao35/Makefile index d7fc8c14b36..7cd4062e6fb 100644 --- a/www/contao35/Makefile +++ b/www/contao35/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.38 2018/03/06 16:25:38 taca Exp $ +# $NetBSD: Makefile,v 1.38.2.1 2018/05/06 09:29:50 spz Exp $ # DISTNAME= contao-${CT_PKGVER} @@ -20,7 +20,7 @@ DEPENDS+= ${PHP_PKG_PREFIX}-soap>=5.4.0:../../net/php-soap DEPENDS+= ${PHP_PKG_PREFIX}-curl>=5.4.0:../../www/php-curl DEPENDS+= ${PHP_PKG_PREFIX}-zlib>=5.4.0:../../archivers/php-zlib -CT_VERSION= 3.5.34 +CT_VERSION= 3.5.35 USE_TOOLS= bash:run pax NO_BUILD= yes FILESDIR?= ${.CURDIR}/files diff --git a/www/contao35/distinfo b/www/contao35/distinfo index 07e6a09e6ef..a97c977bada 100644 --- a/www/contao35/distinfo +++ b/www/contao35/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.30 2018/03/06 16:25:38 taca Exp $ +$NetBSD: distinfo,v 1.30.2.1 2018/05/06 09:29:50 spz Exp $ -SHA1 (contao-3.5.34.tar.gz) = 3f44d54b499b2e3539f2a41ca8cbfd01e1de1ef9 -RMD160 (contao-3.5.34.tar.gz) = f59840bdbf74f2eb1e6a1682375a85ea95371962 -SHA512 (contao-3.5.34.tar.gz) = c31f207157ae4db9d4a202584450989980afa20011a3779dff89004122e59d294ed11c664fc1a7b8701d6d22b5b1714a49f255220c525d5f4b40e4bad76c5b48 -Size (contao-3.5.34.tar.gz) = 11203406 bytes +SHA1 (contao-3.5.35.tar.gz) = 398499e9e817e3f207a445135c654b7802e02a54 +RMD160 (contao-3.5.35.tar.gz) = 44ce17190a219f85740a490a8599e2edb5db9111 +SHA512 (contao-3.5.35.tar.gz) = 8131e0aaf2d54c51c624206ffd14fba8b3a46621eab93d19bc499cb041a6827f907e94a4d39fd13dfb63500e5c5e3187c267c63d8d993ca1308856b82e4297f8 +Size (contao-3.5.35.tar.gz) = 11203496 bytes |