diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2019-12-12 12:13:11 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2019-12-12 12:13:11 +0000 |
| commit | ad4bd79a23857196174620937157c047ab9060b3 (patch) | |
| tree | 432d75a857139ececc09da7b370a9451f3d89573 | |
| parent | d49e0e13ebc06bdc4b6dc9e7758345dac1471400 (diff) | |
| download | pkgsrc-ad4bd79a23857196174620937157c047ab9060b3.tar.gz | |
Pullup ticket #6100 - requested by hauke
www/davical: security fix
Revisions pulled up:
- www/davical/Makefile 1.42
- www/davical/PLIST 1.12
- www/davical/distinfo 1.17
---
Module Name: pkgsrc
Committed By: hauke
Date: Thu Dec 12 08:12:27 UTC 2019
Modified Files:
pkgsrc/www/davical: Makefile PLIST distinfo
Log Message:
Update www/davical to v1.1.9.2
>From upstream's changelog:
1.1.9.2:
Bug Fixes
Fix CSRF not being checked in collection-edit.php
Other Changes
use foreach() instead of deprecated each()
1.1.9.1:
Bug Fixes
Corrects reflected cross-site scripting (XSS) vulnerability
Corrects persistent XSS vulnerability in user/group/resource details
Corrects persistent XSS vulnerability in user/group/resource list
Adds token to address cross-site request forgery (CSRF) vulnerability
Corrects syntax error in name of collection_id
Make calquery aware of default timezone
Corrections to range-based calendar queries
Add missing 'break' to rrule.php
Other Changes
Updated PHP version requirement
| -rw-r--r-- | www/davical/Makefile | 9 | ||||
| -rw-r--r-- | www/davical/PLIST | 3 | ||||
| -rw-r--r-- | www/davical/distinfo | 10 |
3 files changed, 11 insertions, 11 deletions
diff --git a/www/davical/Makefile b/www/davical/Makefile index eef0ed0b673..94461db0f44 100644 --- a/www/davical/Makefile +++ b/www/davical/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.38 2019/09/20 07:45:21 triaxx Exp $ +# $NetBSD: Makefile,v 1.38.2.1 2019/12/12 12:13:11 bsiegert Exp $ DISTNAME= davical-${DAVICAL_VERSION} PKGNAME= ${PHP_PKG_PREFIX}-davical-${DAVICAL_VERSION} -PKGREVISION= 2 CATEGORIES= www MASTER_SITES= -https://gitlab.com/davical-project/davical/repository/archive.tar.gz?ref=${GITLAB_TAG} @@ -11,9 +10,9 @@ HOMEPAGE= https://www.davical.org/ COMMENT= Simple CalDAV server using a PostgreSQL backend LICENSE= gnu-gpl-v2 AND gnu-gpl-v3 -DAVICAL_VERSION=1.1.8 -GITLAB_TAG= r${DAVICAL_VERSION} -GITLAB_REV= 4af9595f4d0530268ac1289ba4ab2adb4890802e +DAVICAL_VERSION= 1.1.9.2 +GITLAB_TAG= r${DAVICAL_VERSION} +GITLAB_REV= 699d0778345e6b054e885efdd7348b8c676ba83f DAVICALDIR= ${PREFIX}/share/davical EGDIR= ${PREFIX}/share/examples/davical diff --git a/www/davical/PLIST b/www/davical/PLIST index 2f75322ef62..8e68f02ccef 100644 --- a/www/davical/PLIST +++ b/www/davical/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.11 2019/05/10 12:25:04 hauke Exp $ +@comment $NetBSD: PLIST,v 1.11.4.1 2019/12/12 12:13:11 bsiegert Exp $ share/davical/dba/appuser_permissions.txt share/davical/dba/base-data.sql share/davical/dba/better_perms.sql @@ -111,6 +111,7 @@ share/davical/inc/caldav-REPORT.php share/davical/inc/caldav-client-v2.php share/davical/inc/caldav-client.php share/davical/inc/check_UTF8.php +share/davical/inc/csrf_tokens.php share/davical/inc/davical_configuration_missing.php share/davical/inc/drivers_imap_pam.php share/davical/inc/drivers_ldap.php diff --git a/www/davical/distinfo b/www/davical/distinfo index e4675fc71a1..7a6e7f37ddc 100644 --- a/www/davical/distinfo +++ b/www/davical/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.15 2019/05/10 12:25:04 hauke Exp $ +$NetBSD: distinfo,v 1.15.4.1 2019/12/12 12:13:11 bsiegert Exp $ -SHA1 (davical-1.1.8.tar.gz) = b42da3733fa9d92f3e43529e4b19428707c0f4a2 -RMD160 (davical-1.1.8.tar.gz) = 620e2b16220a859cca6f751c10f847dcca30f997 -SHA512 (davical-1.1.8.tar.gz) = 86987599e4e3af5b1995ad25e589a83bb1634f5c740691b9f6d7deb7dc9970019a86ffb4e0a51e91061b11ed44046a78d873ba874a78eab0700f33f70a04cd6a -Size (davical-1.1.8.tar.gz) = 1837037 bytes +SHA1 (davical-1.1.9.2.tar.gz) = 0c86bd7755dfc14be3a1ca37cade8c5f72cf76af +RMD160 (davical-1.1.9.2.tar.gz) = af68c13afc349c8f5fefd9e19ebe6fcd781b9050 +SHA512 (davical-1.1.9.2.tar.gz) = 272ab408ac4304a30c620adf17e1848980bc839222b0d6cf969c312cf8e0d189d09f07f6b5314b146d56bc4f16b4af8e0e1c8fed7d80e8c0bf7c779c5e6e32b1 +Size (davical-1.1.9.2.tar.gz) = 1839626 bytes SHA1 (patch-aa) = a2a8be1a131cd47c6541c0a0793a00a33ba3a9f2 SHA1 (patch-ab) = 7ae06c595f54d3a959db481d303978b29ebbd899 SHA1 (patch-ac) = 357abb2ad470121f3f30d19a4602692c77661872 |