diff options
author | hauke <hauke@pkgsrc.org> | 2020-05-19 14:21:13 +0000 |
---|---|---|
committer | hauke <hauke@pkgsrc.org> | 2020-05-19 14:21:13 +0000 |
commit | 8d52c514daa6ca4a6338ec49cd3a4ade395370cc (patch) | |
tree | 5210a88312eeb4c2a89a8564a7382d3b48318d32 | |
parent | e993430ed72d3ad007197c1dacc14a3bc8a278b1 (diff) | |
download | pkgsrc-8d52c514daa6ca4a6338ec49cd3a4ade395370cc.tar.gz |
Update www/php-glpi to v9.4.6
Upstream says...
You'll find below the changes of this bugfixes version:
- (security) Prevent execution of SQL injection while assigning a technician,
- (security) Permit to change key used to store passwords,
- (security) Improve CSRF token,
- (security) Fix several possible XSS,
- (security) Fix a few possible SQL injections,
- Fix SCSS caching issues,
- Fix inline images handling on item update,
- Fix PHP 7.4 compatibility,
- Connect to database using socket,
- and more!
The full changelog is available:
<https://github.com/glpi-project/glpi/milestone/39?closed=1>
-rw-r--r-- | www/php-glpi/Makefile | 11 | ||||
-rw-r--r-- | www/php-glpi/PLIST | 54 | ||||
-rw-r--r-- | www/php-glpi/distinfo | 10 |
3 files changed, 49 insertions, 26 deletions
diff --git a/www/php-glpi/Makefile b/www/php-glpi/Makefile index 88e798dad99..8de3c501a8d 100644 --- a/www/php-glpi/Makefile +++ b/www/php-glpi/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.12 2020/01/26 17:32:22 rillig Exp $ +# $NetBSD: Makefile,v 1.13 2020/05/19 14:21:13 hauke Exp $ DISTNAME= glpi-${GLPI_VERSION} -GLPI_VERSION= 9.4.4 -PKGREVISION= 1 +GLPI_VERSION= 9.4.6 +#PKGREVISION= 1 CATEGORIES= www MASTER_SITES= https://github.com/glpi-project/glpi/releases/download/${GLPI_VERSION}/ @@ -49,6 +49,7 @@ GLPI_DIR= share/glpi .for ddd in local_define.php CONF_FILES+= ${EGDIR}/${ddd} ${PKG_SYSCONFDIR}/${ddd} .endfor +CONF_FILES+= ${EGDIR}/var_glpi.htaccess ${VARBASE}/glpi/.htaccess MAKE_DIRS_PERMS+= ${VARBASE}/glpi ${APACHE_USER} ${APACHE_GROUP} 0700 .for ddd in _cache _cron _dumps _graphs _lock _log _pictures _plugins \ @@ -101,6 +102,10 @@ post-extract: do-install: cd ${WRKSRC}/config && ${PAX} -rw * ${DESTDIR}${PREFIX}/${EGDIR} + cd ${WRKSRC}/files && cp .htaccess \ + ${DESTDIR}${PREFIX}/${EGDIR}/var_glpi.htaccess + # Sub-tree will be re-created in VARBASE/glpi + cd ${WRKSRC} && rm -r files cd ${WRKSRC} && ${PAX} -rw . ${DESTDIR}${PREFIX}/${GLPI_DIR} .include "../../mk/apache.mk" diff --git a/www/php-glpi/PLIST b/www/php-glpi/PLIST index ab0cc79558f..517d50ea224 100644 --- a/www/php-glpi/PLIST +++ b/www/php-glpi/PLIST @@ -1,7 +1,8 @@ -@comment $NetBSD: PLIST,v 1.7 2019/09/26 14:52:24 hauke Exp $ +@comment $NetBSD: PLIST,v 1.8 2020/05/19 14:21:13 hauke Exp $ share/examples/glpi/crontab.sample share/examples/glpi/httpd-glpi.conf share/examples/glpi/local_define.php +share/examples/glpi/var_glpi.htaccess share/glpi/.htaccess share/glpi/CHANGELOG.md share/glpi/CONTRIBUTING.md @@ -173,20 +174,26 @@ share/glpi/css/tiny_mce/skins/light/img/loader.gif share/glpi/css/tiny_mce/skins/light/img/object.gif share/glpi/css/tiny_mce/skins/light/img/trans.gif share/glpi/css/tiny_mce/skins/light/skin.min.css +share/glpi/css/tiny_mce_custom.css +share/glpi/css/tiny_mce_custom.min.css share/glpi/css/win_png.htc -share/glpi/files/.htaccess -share/glpi/files/_cache/remove.txt -share/glpi/files/_cron/remove.txt -share/glpi/files/_dumps/remove.txt -share/glpi/files/_graphs/remove.txt -share/glpi/files/_lock/remove.txt -share/glpi/files/_log/remove.txt -share/glpi/files/_pictures/remove.txt -share/glpi/files/_plugins/remove.txt -share/glpi/files/_rss/remove.txt -share/glpi/files/_sessions/remove.txt -share/glpi/files/_tmp/remove.txt -share/glpi/files/_uploads/remove.txt +share/glpi/css_compiled/css_highcontrast.min.css +share/glpi/css_compiled/css_palettes_aerialgreen.min.css +share/glpi/css_compiled/css_palettes_auror.min.css +share/glpi/css_compiled/css_palettes_automn.min.css +share/glpi/css_compiled/css_palettes_classic.min.css +share/glpi/css_compiled/css_palettes_clockworkorange.min.css +share/glpi/css_compiled/css_palettes_dark.min.css +share/glpi/css_compiled/css_palettes_flood.min.css +share/glpi/css_compiled/css_palettes_greenflat.min.css +share/glpi/css_compiled/css_palettes_hipster.min.css +share/glpi/css_compiled/css_palettes_icecream.min.css +share/glpi/css_compiled/css_palettes_lightblue.min.css +share/glpi/css_compiled/css_palettes_premiumred.min.css +share/glpi/css_compiled/css_palettes_purplehaze.min.css +share/glpi/css_compiled/css_palettes_teclib.min.css +share/glpi/css_compiled/css_palettes_vintage.min.css +share/glpi/css_compiled/css_styles.min.css share/glpi/front/allassets.php share/glpi/front/apiclient.form.php share/glpi/front/auth.others.php @@ -197,7 +204,6 @@ share/glpi/front/authmail.form.php share/glpi/front/authmail.php share/glpi/front/autoupdatesystem.form.php share/glpi/front/autoupdatesystem.php -share/glpi/front/backup.php share/glpi/front/blacklist.form.php share/glpi/front/blacklist.php share/glpi/front/blacklistedmailcontent.form.php @@ -711,7 +717,6 @@ share/glpi/inc/authldapreplicate.class.php share/glpi/inc/authmail.class.php share/glpi/inc/autoload.function.php share/glpi/inc/autoupdatesystem.class.php -share/glpi/inc/backup.class.php share/glpi/inc/based_config.php share/glpi/inc/blacklist.class.php share/glpi/inc/blacklistedmailcontent.class.php @@ -779,6 +784,7 @@ share/glpi/inc/console/database/updatecommand.class.php share/glpi/inc/console/ldap/synchronizeuserscommand.class.php share/glpi/inc/console/migration/buildmissingtimestampscommand.class.php share/glpi/inc/console/migration/myisamtoinnodbcommand.class.php +share/glpi/inc/console/security/changekeycommand.class.php share/glpi/inc/console/task/unlockcommand.class.php share/glpi/inc/consumable.class.php share/glpi/inc/consumableitem.class.php @@ -866,6 +872,7 @@ share/glpi/inc/filesystem.class.php share/glpi/inc/fqdn.class.php share/glpi/inc/fqdnlabel.class.php share/glpi/inc/glpi.class.php +share/glpi/inc/glpikey.class.php share/glpi/inc/glpimailer.class.php share/glpi/inc/glpinetwork.class.php share/glpi/inc/glpipdf.class.php @@ -1258,6 +1265,8 @@ share/glpi/install/update_93_94.php share/glpi/install/update_940_941.php share/glpi/install/update_941_942.php share/glpi/install/update_942_943.php +share/glpi/install/update_943_945.php +share/glpi/install/update_945_946.php share/glpi/install/update_content.php share/glpi/install/update_to_031.php share/glpi/install/update_xx_xy.tpl.php @@ -1287,6 +1296,7 @@ share/glpi/lib/chartist-plugin-tooltip-0.0.17/LICENSE share/glpi/lib/chartist-plugin-tooltip-0.0.17/chartist-plugin-tooltip.css share/glpi/lib/chartist-plugin-tooltip-0.0.17/chartist-plugin-tooltip.js share/glpi/lib/chartist-plugin-tooltip-0.0.17/chartist-plugin-tooltip.min.js +share/glpi/lib/file-type.js share/glpi/lib/font-awesome/LICENSE.txt share/glpi/lib/font-awesome/css/all.css share/glpi/lib/font-awesome/css/all.min.css @@ -2265,6 +2275,9 @@ share/glpi/vendor/leafo/scssphp/src/SourceMap/SourceMapGenerator.php share/glpi/vendor/leafo/scssphp/src/Type.php share/glpi/vendor/leafo/scssphp/src/Util.php share/glpi/vendor/leafo/scssphp/src/Version.php +share/glpi/vendor/michelf/php-markdown/.editorconfig +share/glpi/vendor/michelf/php-markdown/.scrutinizer.yml +share/glpi/vendor/michelf/php-markdown/.travis.yml share/glpi/vendor/michelf/php-markdown/License.md share/glpi/vendor/michelf/php-markdown/Michelf/Markdown.inc.php share/glpi/vendor/michelf/php-markdown/Michelf/Markdown.php @@ -2745,6 +2758,7 @@ share/glpi/vendor/symfony/console/Tests/CommandLoader/ContainerCommandLoaderTest share/glpi/vendor/symfony/console/Tests/CommandLoader/FactoryCommandLoaderTest.php share/glpi/vendor/symfony/console/Tests/DependencyInjection/AddConsoleCommandPassTest.php share/glpi/vendor/symfony/console/Tests/Descriptor/AbstractDescriptorTest.php +share/glpi/vendor/symfony/console/Tests/Descriptor/ApplicationDescriptionTest.php share/glpi/vendor/symfony/console/Tests/Descriptor/JsonDescriptorTest.php share/glpi/vendor/symfony/console/Tests/Descriptor/MarkdownDescriptorTest.php share/glpi/vendor/symfony/console/Tests/Descriptor/ObjectsProvider.php @@ -2768,6 +2782,7 @@ share/glpi/vendor/symfony/console/Tests/Fixtures/Foo4Command.php share/glpi/vendor/symfony/console/Tests/Fixtures/Foo5Command.php share/glpi/vendor/symfony/console/Tests/Fixtures/Foo6Command.php share/glpi/vendor/symfony/console/Tests/Fixtures/FooCommand.php +share/glpi/vendor/symfony/console/Tests/Fixtures/FooHiddenCommand.php share/glpi/vendor/symfony/console/Tests/Fixtures/FooLock2Command.php share/glpi/vendor/symfony/console/Tests/Fixtures/FooLockCommand.php share/glpi/vendor/symfony/console/Tests/Fixtures/FooOptCommand.php @@ -2814,9 +2829,9 @@ share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/outpu share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/output_7.txt share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/output_8.txt share/glpi/vendor/symfony/console/Tests/Fixtures/Style/SymfonyStyle/output/output_9.txt +share/glpi/vendor/symfony/console/Tests/Fixtures/TestAmbiguousCommandRegistering.php +share/glpi/vendor/symfony/console/Tests/Fixtures/TestAmbiguousCommandRegistering2.php share/glpi/vendor/symfony/console/Tests/Fixtures/TestCommand.php -share/glpi/vendor/symfony/console/Tests/Fixtures/TestTiti.php -share/glpi/vendor/symfony/console/Tests/Fixtures/TestToto.php share/glpi/vendor/symfony/console/Tests/Fixtures/application_1.json share/glpi/vendor/symfony/console/Tests/Fixtures/application_1.md share/glpi/vendor/symfony/console/Tests/Fixtures/application_1.txt @@ -2955,6 +2970,7 @@ share/glpi/vendor/symfony/console/Tests/Output/ConsoleOutputTest.php share/glpi/vendor/symfony/console/Tests/Output/NullOutputTest.php share/glpi/vendor/symfony/console/Tests/Output/OutputTest.php share/glpi/vendor/symfony/console/Tests/Output/StreamOutputTest.php +share/glpi/vendor/symfony/console/Tests/Question/ChoiceQuestionTest.php share/glpi/vendor/symfony/console/Tests/Question/ConfirmationQuestionTest.php share/glpi/vendor/symfony/console/Tests/Style/SymfonyStyleTest.php share/glpi/vendor/symfony/console/Tests/TerminalTest.php @@ -3032,6 +3048,7 @@ share/glpi/vendor/symfony/polyfill-mbstring/bootstrap.php share/glpi/vendor/tecnickcom/tcpdf/CHANGELOG.TXT share/glpi/vendor/tecnickcom/tcpdf/LICENSE.TXT share/glpi/vendor/tecnickcom/tcpdf/README.md +share/glpi/vendor/tecnickcom/tcpdf/VERSION share/glpi/vendor/tecnickcom/tcpdf/config/tcpdf_config.php share/glpi/vendor/tecnickcom/tcpdf/fonts/ae_fonts_2.0/COPYING share/glpi/vendor/tecnickcom/tcpdf/fonts/ae_fonts_2.0/ChangeLog @@ -3692,6 +3709,7 @@ share/glpi/vendor/zendframework/zend-i18n/src/View/Helper/Plural.php share/glpi/vendor/zendframework/zend-i18n/src/View/Helper/Translate.php share/glpi/vendor/zendframework/zend-i18n/src/View/Helper/TranslatePlural.php share/glpi/vendor/zendframework/zend-i18n/src/View/HelperConfig.php +share/glpi/vendor/zendframework/zend-i18n/src/View/HelperTrait.php share/glpi/vendor/zendframework/zend-json/CHANGELOG.md share/glpi/vendor/zendframework/zend-json/LICENSE.md share/glpi/vendor/zendframework/zend-json/README.md diff --git a/www/php-glpi/distinfo b/www/php-glpi/distinfo index 8b178cfe583..f4ecf5b7e55 100644 --- a/www/php-glpi/distinfo +++ b/www/php-glpi/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.8 2019/09/26 14:52:24 hauke Exp $ +$NetBSD: distinfo,v 1.9 2020/05/19 14:21:13 hauke Exp $ -SHA1 (glpi-9.4.4.tgz) = c27ef1ee25712ce1f44ba55bb56567497b91ca76 -RMD160 (glpi-9.4.4.tgz) = 108040e86b3ff6d0a21236b41eec1eb1a18f7642 -SHA512 (glpi-9.4.4.tgz) = c1bd4a8512daf48eb079c8fbee3fe1a441611040a2431c0808050c795b00a3afe7b4456384d378969201d5367257bb60c597b3b584f82ea67e83d8dfa98d397a -Size (glpi-9.4.4.tgz) = 34875134 bytes +SHA1 (glpi-9.4.6.tgz) = 358e5f85f8eb1a15f0c3d051807c48b6d2867f8c +RMD160 (glpi-9.4.6.tgz) = b56a5ef32bbae6a34ff750177c1c4cd0452735f0 +SHA512 (glpi-9.4.6.tgz) = a7bd8f2c351d17feb245716b3716268a43be513d3265916c93e0ce926bce3c754c05b9c1c237336bab74cd2ddb349c722dcaf994f39f5e1b5f2c01e0565df0de +Size (glpi-9.4.6.tgz) = 35006348 bytes |