diff options
| author | sbd <sbd> | 2011-01-03 22:45:47 +0000 |
|---|---|---|
| committer | sbd <sbd> | 2011-01-03 22:45:47 +0000 |
| commit | c29dfaf3ceb813cddca39adfed94a3cca9cdedd4 (patch) | |
| tree | 72f39e543b1b44a09935d4f247133a44db8a9f3b | |
| parent | c99e001aeb76ec2ac533deefa45f1bebf2231559 (diff) | |
| download | pkgsrc-c29dfaf3ceb813cddca39adfed94a3cca9cdedd4.tar.gz | |
Pullup ticket #3315 - requested by taca
www/geeklog security fix
Revisions pulled up:
- pkgsrc/www/geeklog/Makefile 1.29, 1.30
- pkgsrc/www/geeklog/PLIST 1.14
- pkgsrc/www/geeklog/distinfo 1.15, 1.16
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 4 15:52:10 UTC 2010
Modified Files:
pkgsrc/www/geeklog: Makefile PLIST distinfo
Log Message:
Update www/geeklog package to 1.7.1.
Geeklog History/Changes:
Oct 31, 2010 (1.7.1)
------------
- Fixed description of $index parameter for STORY_renderArticle (bug #0001203)
[Dirk]
- The number of successfully imported users was always reported as 0 for the
"Batch Add" option in the User Manager (bug #0001211) [Ivy, Dirk]
- Fixed a bug in the MS SQL changeDESCRIBE method to properly prefix the proper
sql query string [Randy]
- Updated Hebrew language files, provided by LWC
- New Italian language files for the Links plugin, provided by Rouslan Placella
- Updated Italian language files for the Static Pages plugin, provided by
Rouslan Placella
Calendar Plugin
---------------
- Fixed an SQL error when returning search results for the Personal Calendar
(bug #0001195) [Dirk]
Oct 10, 2010 (1.7.1rc1)
------------
- If content from an Autotag produces another Autotag it will be executed (to a
maximum of 5 times) [Tom]
- Themes can now have their own display functions for the start and end of
Blocks. (Feature #0001188) [Tom]
- Reverted a change in 1.7.0 that would send a Content-Type header when calling
COM_refresh since this conflicts with some plugins (e.g. the Forum) [Dirk]
- Fixed wrong view after posting a comment on a poll (bug #0001080, patch
provided by Wojtek Szkutnik)
- Fixed language in the dropdown for the permanent cookie in the Configuration
(bug #0001117, patch provided by Eric Brisco)
- Added cancel and delete buttons to comment edit and submission forms when
needed. (Feature #0000981) [Tom]
- Reverted parts of the changes for bug #0001057: Do _not_ escape curly braces
when displaying a block's content (bug #0001156). If you run into the problem
that words in curly braces inside blocks are interpreted as template
variables, simply add a space after the opening and/or the closing brace
[Dirk]
- Autotags can now be inserted directly into template files.
(Feature #0001181) [Tom]
- Plugins are able to control moderation and return a string to be displayed.
(Feature #0000619 patch provided by jmucchiello)
- Admin lists can now display a 0 in a column instead of being blank
(bug #0001060 patch provided by jmucchiello)
- Fixed "Show & Hide Boxes" option in My Account (reported by Pushkar) [Dirk]
- Display the topic name (instead of the topic id) in the list of draft stories
(bug #0001171) [Dirk]
- Fixed COM_formatTimeString to correctly handle intervals bigger than 4 weeks
(bug #0001158) [Dirk]
- Call PLG_templateSetVars for the Advanced Search form [Dirk]
- Make sure we keep the current status of the user's Advanced Editor option
even when Advanced Editor is disabled for the site (Thanks, Markus) [Dirk]
- Comment submissions for plugins were missing the type [Dirk]
- In the Group Editor, hide the 'Apply "Default Group" change' option until the
state of the "Default Group" checkbox changes (feature request #0001116,
patch provided by Dushyant Tiwari)
- Fixed handling of $LANG_DIRECTION in the install script (cf. bug #0000871)
- Fixed query highlighting in articles - didn't work for queries that contained
characters filtered by COM_applyFilter [Dirk]
- Updated Japanese language file, provided by the Geeklog.jp group
- New and updated French (France) language files, provided by Ben
- Updated Hebrew language file for the Links plugin, provided by LWC
Static Pages Plugin
-------------------
- Call up the Advanced Editor when enabled (bug #0001147, patch provided by
Samuel Leathers)
- A Static Page can now be marked as a template and used by other Static Pages.
(Feature #0001085) [Tom]
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 3 01:57:25 UTC 2011
Modified Files:
pkgsrc/www/geeklog: Makefile distinfo
Log Message:
Update geeklog package to 1.7.1.1 (1.7.1sr1), security fix.
Jan 2, 2011 (1.7.1sr1)
------------
This release addresses the following security issue:
Aung Khant of the YGN Ethical Hacker Group reported an XSS in the admin's
configuration panel.
| -rw-r--r-- | www/geeklog/Makefile | 4 | ||||
| -rw-r--r-- | www/geeklog/PLIST | 19 | ||||
| -rw-r--r-- | www/geeklog/distinfo | 8 |
3 files changed, 24 insertions, 7 deletions
diff --git a/www/geeklog/Makefile b/www/geeklog/Makefile index fd5263ad095..5a99f7167b1 100644 --- a/www/geeklog/Makefile +++ b/www/geeklog/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.28 2010/08/10 16:00:42 taca Exp $ +# $NetBSD: Makefile,v 1.28.2.1 2011/01/03 22:45:47 sbd Exp $ # DISTNAME= geeklog-${VER} @@ -19,7 +19,7 @@ DEPENDS+= ${PHP_PKG_PREFIX}-mysql>=4.3.0:../../databases/php-mysql USE_TOOLS+= pax -VER= 1.7.0 +VER= 1.7.1sr1 NO_BUILD= YES PKG_GROUPS_VARS+= APACHE_GROUP diff --git a/www/geeklog/PLIST b/www/geeklog/PLIST index e50f530cb1e..48129d838bf 100644 --- a/www/geeklog/PLIST +++ b/www/geeklog/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.13 2010/08/10 16:00:42 taca Exp $ +@comment $NetBSD: PLIST,v 1.13.2.1 2011/01/03 22:45:48 sbd Exp $ ${GEEKLOG_BASE}/emailgeeklogstories ${GEEKLOG_BASE}/language/afrikaans.php ${GEEKLOG_BASE}/language/afrikaans_utf-8.php @@ -88,6 +88,8 @@ ${GEEKLOG_BASE}/plugins/calendar/language/estonian.php ${GEEKLOG_BASE}/plugins/calendar/language/estonian_utf-8.php ${GEEKLOG_BASE}/plugins/calendar/language/french_canada.php ${GEEKLOG_BASE}/plugins/calendar/language/french_canada_utf-8.php +${GEEKLOG_BASE}/plugins/calendar/language/french_france.php +${GEEKLOG_BASE}/plugins/calendar/language/french_france_utf-8.php ${GEEKLOG_BASE}/plugins/calendar/language/german.php ${GEEKLOG_BASE}/plugins/calendar/language/german_formal.php ${GEEKLOG_BASE}/plugins/calendar/language/german_formal_utf-8.php @@ -150,11 +152,15 @@ ${GEEKLOG_BASE}/plugins/links/language/estonian.php ${GEEKLOG_BASE}/plugins/links/language/estonian_utf-8.php ${GEEKLOG_BASE}/plugins/links/language/french_canada.php ${GEEKLOG_BASE}/plugins/links/language/french_canada_utf-8.php +${GEEKLOG_BASE}/plugins/links/language/french_france.php +${GEEKLOG_BASE}/plugins/links/language/french_france_utf-8.php ${GEEKLOG_BASE}/plugins/links/language/german.php ${GEEKLOG_BASE}/plugins/links/language/german_formal.php ${GEEKLOG_BASE}/plugins/links/language/german_formal_utf-8.php ${GEEKLOG_BASE}/plugins/links/language/german_utf-8.php ${GEEKLOG_BASE}/plugins/links/language/hebrew_utf-8.php +${GEEKLOG_BASE}/plugins/links/language/italian.php +${GEEKLOG_BASE}/plugins/links/language/italian_utf-8.php ${GEEKLOG_BASE}/plugins/links/language/japanese_utf-8.php ${GEEKLOG_BASE}/plugins/links/language/korean.php ${GEEKLOG_BASE}/plugins/links/language/korean_utf-8.php @@ -200,6 +206,8 @@ ${GEEKLOG_BASE}/plugins/polls/language/estonian.php ${GEEKLOG_BASE}/plugins/polls/language/estonian_utf-8.php ${GEEKLOG_BASE}/plugins/polls/language/french_canada.php ${GEEKLOG_BASE}/plugins/polls/language/french_canada_utf-8.php +${GEEKLOG_BASE}/plugins/polls/language/french_france.php +${GEEKLOG_BASE}/plugins/polls/language/french_france_utf-8.php ${GEEKLOG_BASE}/plugins/polls/language/german.php ${GEEKLOG_BASE}/plugins/polls/language/german_formal.php ${GEEKLOG_BASE}/plugins/polls/language/german_formal_utf-8.php @@ -304,6 +312,8 @@ ${GEEKLOG_BASE}/plugins/staticpages/language/estonian_utf-8.php ${GEEKLOG_BASE}/plugins/staticpages/language/farsi_utf-8.php ${GEEKLOG_BASE}/plugins/staticpages/language/french_canada.php ${GEEKLOG_BASE}/plugins/staticpages/language/french_canada_utf-8.php +${GEEKLOG_BASE}/plugins/staticpages/language/french_france.php +${GEEKLOG_BASE}/plugins/staticpages/language/french_france_utf-8.php ${GEEKLOG_BASE}/plugins/staticpages/language/german.php ${GEEKLOG_BASE}/plugins/staticpages/language/german_formal.php ${GEEKLOG_BASE}/plugins/staticpages/language/german_formal_utf-8.php @@ -335,6 +345,7 @@ ${GEEKLOG_BASE}/plugins/staticpages/sql/mssql_updates.php ${GEEKLOG_BASE}/plugins/staticpages/sql/mysql_install.php ${GEEKLOG_BASE}/plugins/staticpages/sql/mysql_updates.php ${GEEKLOG_BASE}/plugins/staticpages/sql/pgsql_install.php +${GEEKLOG_BASE}/plugins/staticpages/sql/pgsql_updates.php ${GEEKLOG_BASE}/plugins/staticpages/templates/admin/editor.thtml ${GEEKLOG_BASE}/plugins/staticpages/templates/admin/editor_advanced.thtml ${GEEKLOG_BASE}/plugins/staticpages/templates/centerblock.thtml @@ -348,6 +359,8 @@ ${GEEKLOG_BASE}/plugins/xmlsitemap/language/english.php ${GEEKLOG_BASE}/plugins/xmlsitemap/language/english_utf-8.php ${GEEKLOG_BASE}/plugins/xmlsitemap/language/estonian.php ${GEEKLOG_BASE}/plugins/xmlsitemap/language/estonian_utf-8.php +${GEEKLOG_BASE}/plugins/xmlsitemap/language/french_france.php +${GEEKLOG_BASE}/plugins/xmlsitemap/language/french_france_utf-8.php ${GEEKLOG_BASE}/plugins/xmlsitemap/language/german.php ${GEEKLOG_BASE}/plugins/xmlsitemap/language/german_formal.php ${GEEKLOG_BASE}/plugins/xmlsitemap/language/german_formal_utf-8.php @@ -460,6 +473,7 @@ ${GEEKLOG_BASE}/system/pear/Date/Span.php ${GEEKLOG_BASE}/system/pear/Date/TimeZone.php ${GEEKLOG_BASE}/system/pear/HTTP/Request.php ${GEEKLOG_BASE}/system/pear/HTTP/Request/Listener.php +${GEEKLOG_BASE}/system/pear/LICENSE ${GEEKLOG_BASE}/system/pear/Mail.php ${GEEKLOG_BASE}/system/pear/Mail/RFC822.php ${GEEKLOG_BASE}/system/pear/Mail/mail.php @@ -477,11 +491,14 @@ ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/A.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/AAAA.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/CNAME.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/HINFO.php +${GEEKLOG_BASE}/system/pear/Net/DNS/RR/LOC.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/MX.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/NAPTR.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/NS.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/PTR.php +${GEEKLOG_BASE}/system/pear/Net/DNS/RR/RP.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/SOA.php +${GEEKLOG_BASE}/system/pear/Net/DNS/RR/SPF.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/SRV.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/TSIG.php ${GEEKLOG_BASE}/system/pear/Net/DNS/RR/TXT.php diff --git a/www/geeklog/distinfo b/www/geeklog/distinfo index 4bd81e2d54a..14f4af9d267 100644 --- a/www/geeklog/distinfo +++ b/www/geeklog/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.14 2010/08/10 16:00:42 taca Exp $ +$NetBSD: distinfo,v 1.14.2.1 2011/01/03 22:45:48 sbd Exp $ -SHA1 (geeklog-1.7.0.tar.gz) = 579e0ffc9091dacb5c9cf8d0388d9778e5e40996 -RMD160 (geeklog-1.7.0.tar.gz) = 8d2f5367d146f95d3fbbdb36c3b07c265fee1ffb -Size (geeklog-1.7.0.tar.gz) = 5177871 bytes +SHA1 (geeklog-1.7.1sr1.tar.gz) = d19a219736997d7359188dd88d44a4c2c5a91b1b +RMD160 (geeklog-1.7.1sr1.tar.gz) = 0b8b745d4d14331029959b305ecb53edfeec09c6 +Size (geeklog-1.7.1sr1.tar.gz) = 5205330 bytes SHA1 (patch-aa) = 61cc381e4c3def555806ed4589446f466f6f8368 SHA1 (patch-aj) = 1152a6f8478373d40125ae311c4030f6e2ef4bd7 SHA1 (patch-ak) = 387f14ace88c0390a2647453a08491500b099c78 |