diff options
author | tron <tron> | 2010-05-17 22:38:02 +0000 |
---|---|---|
committer | tron <tron> | 2010-05-17 22:38:02 +0000 |
commit | 62fdfc392d2619f24e5aeee4ac20015090428c07 (patch) | |
tree | 25aec192a71b835c565624d8fa78bd38950567d9 | |
parent | 07002e14b61d2285fb8902ba4982245932160dbb (diff) | |
download | pkgsrc-62fdfc392d2619f24e5aeee4ac20015090428c07.tar.gz |
Pullup ticket #3123 - requested by taca
www/geeklog: security update
Revisioned pulled up:
- www/geeklog/Makefile 1.27
- www/geeklog/distinfo 1.13
---
Module Name: pkgsrc
Committed By: taca
Date: Mon May 17 15:46:38 UTC 2010
Modified Files:
pkgsrc/www/geeklog: Makefile distinfo
Log Message:
Update geeklog package to 1.6.1.1 (1.6.1sr1).
May 9, 2010 (1.6.1sr1)
------------
This release addresses the following security issue:
The autologin (using the long-term session cookie) is vulnerable to dictionary
attacks. This issue was originally reported by Bookoo of the Nine Situations
Group in one of his reports in April 2009 but apparently overlooked by the
Geeklog Team. Thanks to geeklog.net user Jack for pointing this out.
-rw-r--r-- | www/geeklog/Makefile | 5 | ||||
-rw-r--r-- | www/geeklog/distinfo | 8 |
2 files changed, 6 insertions, 7 deletions
diff --git a/www/geeklog/Makefile b/www/geeklog/Makefile index e6514fa7bc8..7cac45d3d26 100644 --- a/www/geeklog/Makefile +++ b/www/geeklog/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.26 2010/02/19 19:58:38 joerg Exp $ +# $NetBSD: Makefile,v 1.26.2.1 2010/05/17 22:38:02 tron Exp $ # DISTNAME= geeklog-${VER} PKGNAME= geeklog-${VER:C/(sr|-)/./g} -PKGREVISION= 1 CATEGORIES= www MASTER_SITES= http://www.geeklog.net/filemgmt/upload_dir/ @@ -20,7 +19,7 @@ DEPENDS+= ${PHP_PKG_PREFIX}-mysql>=4.3.0:../../databases/php-mysql USE_TOOLS+= pax -VER= 1.6.1 +VER= 1.6.1sr1 NO_BUILD= YES PKG_GROUPS_VARS+= APACHE_GROUP diff --git a/www/geeklog/distinfo b/www/geeklog/distinfo index b373eca02ee..9097c558ff9 100644 --- a/www/geeklog/distinfo +++ b/www/geeklog/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.12 2009/11/30 15:44:45 taca Exp $ +$NetBSD: distinfo,v 1.12.4.1 2010/05/17 22:38:02 tron Exp $ -SHA1 (geeklog-1.6.1.tar.gz) = f95e5d9d241e6b190ea0a50e759e825e9dc44f61 -RMD160 (geeklog-1.6.1.tar.gz) = 9e3c91caae7c293fc0ceaae6fa0a585cb7192a82 -Size (geeklog-1.6.1.tar.gz) = 5040246 bytes +SHA1 (geeklog-1.6.1sr1.tar.gz) = 1af1fc4244622fbe404c1a70fb5913c876dc5c4c +RMD160 (geeklog-1.6.1sr1.tar.gz) = 61f36dc35aee656ac5bbc8092b1a405b3475ca2e +Size (geeklog-1.6.1sr1.tar.gz) = 5040323 bytes SHA1 (patch-aa) = 61cc381e4c3def555806ed4589446f466f6f8368 SHA1 (patch-aj) = 2960d225a690fe6af0819d69a27615425291b921 SHA1 (patch-ak) = 387f14ace88c0390a2647453a08491500b099c78 |