diff options
author | obache <obache@pkgsrc.org> | 2010-01-26 02:01:36 +0000 |
---|---|---|
committer | obache <obache@pkgsrc.org> | 2010-01-26 02:01:36 +0000 |
commit | 291c0ef4bf09de23a602806ee5475e286c3c5a5a (patch) | |
tree | 3e2f02d493d5611365e16ef39db8881c23c86c19 | |
parent | 913c0e494780c47c74822e1ad5aff40f36444858 (diff) | |
download | pkgsrc-291c0ef4bf09de23a602806ee5475e286c3c5a5a.tar.gz |
Update ja-trac to 0.11.6pl1,aka Trac-0.11.6.ja1.
(security fixes are already by 0.11.5pl1nb1 in pkgsrc)
Trac-0.11.6.ja1 (Jan 24, 2010)
* Merge Trac-0.11.6
* Apply patch
- trac:changeset:8997
Trac 0.11.6 (November 28, 2009)
http://svn.edgewall.org/repos/trac/tags/trac-0.11.6
Trac 0.11.6 contains two security fixes and a number of bug fixes,
performance improvements and minor enhancements. The following list
contains only a few highlights:
Security fixes:
* Fixed the policy checks in report results when using alternate formats.
* Added a check for the "raw" role that is missing in docutils < 0.6.
Performance improvements:
* Re-enabled connection pooling with SQLite (#3446).
* Added caching of configuration options (#8510).
Bug fixes:
* Fixed the "database is locked" issue with SQLite (#3446, #8468).
* Deprecated SQLite 2.x support (#8625).
* Fixed hanlding of times in timezones with DST (#8240).
* Avoid corruption of trac.ini during write (#8623).
* Improved support for revision ranges in revision log view (#8349)
-rw-r--r-- | www/ja-trac/Makefile | 5 | ||||
-rw-r--r-- | www/ja-trac/distinfo | 10 | ||||
-rw-r--r-- | www/ja-trac/patches/patch-ab | 32 | ||||
-rw-r--r-- | www/ja-trac/patches/patch-ac | 37 |
4 files changed, 6 insertions, 78 deletions
diff --git a/www/ja-trac/Makefile b/www/ja-trac/Makefile index 1b2566b1e3d..ec7ce86f01e 100644 --- a/www/ja-trac/Makefile +++ b/www/ja-trac/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.28 2010/01/06 13:19:45 obache Exp $ +# $NetBSD: Makefile,v 1.29 2010/01/26 02:01:36 obache Exp $ # -DISTNAME= Trac-0.11.5.ja1 +DISTNAME= Trac-0.11.6.ja1 PKGNAME= ja-${DISTNAME:tl:S/.ja/pl/} -PKGREVISION= 1 CATEGORIES= www devel MASTER_SITES= http://www.i-act.co.jp/project/products/downloads/ EXTRACT_SUFX= .zip diff --git a/www/ja-trac/distinfo b/www/ja-trac/distinfo index 24a6d587b93..1f40dbd1b0e 100644 --- a/www/ja-trac/distinfo +++ b/www/ja-trac/distinfo @@ -1,7 +1,5 @@ -$NetBSD: distinfo,v 1.19 2010/01/06 13:19:45 obache Exp $ +$NetBSD: distinfo,v 1.20 2010/01/26 02:01:36 obache Exp $ -SHA1 (Trac-0.11.5.ja1.zip) = e2a53ac73fad0751587313a41267f70410359372 -RMD160 (Trac-0.11.5.ja1.zip) = e5f12051270b355d1e07a361e0378372f807cbe8 -Size (Trac-0.11.5.ja1.zip) = 1008558 bytes -SHA1 (patch-ab) = 572537f6531dcaa793da288465e01e73f107d969 -SHA1 (patch-ac) = 326b50fb8e190b285d609b3e437787c069edf613 +SHA1 (Trac-0.11.6.ja1.zip) = 11079c7493406c91fea31ef3facda7ae7e3281d9 +RMD160 (Trac-0.11.6.ja1.zip) = 7e0dd8864e375b676ad7badccda8dd0019a459ba +Size (Trac-0.11.6.ja1.zip) = 1050176 bytes diff --git a/www/ja-trac/patches/patch-ab b/www/ja-trac/patches/patch-ab deleted file mode 100644 index 52d944f5cab..00000000000 --- a/www/ja-trac/patches/patch-ab +++ /dev/null @@ -1,32 +0,0 @@ -$NetBSD: patch-ab,v 1.1 2010/01/06 13:19:45 obache Exp $ - -CVE-2009-4405 -http://trac.edgewall.org/changeset/8813 - ---- trac/mimeview/rst.py.orig 2009-02-24 20:53:20.000000000 +0000 -+++ trac/mimeview/rst.py -@@ -43,6 +43,24 @@ from trac.web.href import Href - from trac.wiki.api import WikiSystem - from trac.wiki.formatter import WikiProcessor, Formatter, extract_link - -+if has_docutils and StrictVersion(__version__) < StrictVersion('0.6'): -+ # Monkey-patch "raw" role handler in docutils to add a missing check -+ # See docutils bug #2845002 on SourceForge -+ def raw_role(role, rawtext, text, lineno, inliner, options={}, content=[]): -+ if not inliner.document.settings.raw_enabled: -+ msg = inliner.reporter.warning('raw (and derived) roles disabled') -+ prb = inliner.problematic(rawtext, rawtext, msg) -+ return [prb], [msg] -+ return _raw_role(role, rawtext, text, lineno, inliner, options, -+ content) -+ -+ from docutils.parsers.rst import roles -+ raw_role.options = roles.raw_role.options -+ _raw_role = roles.raw_role -+ roles.raw_role = raw_role -+ roles.register_canonical_role('raw', raw_role) -+ -+ - class ReStructuredTextRenderer(Component): - """ - Renders plain text in reStructuredText format as HTML. diff --git a/www/ja-trac/patches/patch-ac b/www/ja-trac/patches/patch-ac deleted file mode 100644 index 0664cb0f1b3..00000000000 --- a/www/ja-trac/patches/patch-ac +++ /dev/null @@ -1,37 +0,0 @@ -$NetBSD: patch-ac,v 1.1 2010/01/06 13:19:45 obache Exp $ - -CVE-2009-4405 -http://trac.edgewall.org/changeset/8816 - ---- trac/ticket/report.py.orig 2009-07-02 17:01:40.000000000 +0000 -+++ trac/ticket/report.py -@@ -400,6 +400,7 @@ class ReportModule(Component): - # - group rows according to __group__ value, if defined - # - group cells the same way headers are grouped - row_groups = [] -+ authorized_results = [] - prev_group_value = None - for row_idx, result in enumerate(results): - col_idx = 0 -@@ -439,6 +440,7 @@ class ReportModule(Component): - # FIXME: for now, we still need to hardcode the realm in the action - if resource.realm.upper()+'_VIEW' not in req.perm(resource): - continue -+ authorized_results.append(result) - if email_cells: - for cell in email_cells: - emails = Chrome(self.env).format_emails(context(resource), -@@ -474,11 +476,11 @@ class ReportModule(Component): - return 'report.rss', data, 'application/rss+xml' - elif format == 'csv': - filename = id and 'report_%s.csv' % id or 'report.csv' -- self._send_csv(req, cols, results, mimetype='text/csv', -+ self._send_csv(req, cols, authorized_results, mimetype='text/csv', - filename=filename) - elif format == 'tab': - filename = id and 'report_%s.tsv' % id or 'report.tsv' -- self._send_csv(req, cols, results, '\t', -+ self._send_csv(req, cols, authorized_results, '\t', - mimetype='text/tab-separated-values', - filename=filename) - else: |