diff options
| author | bsiegert <bsiegert> | 2016-12-04 15:18:40 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert> | 2016-12-04 15:18:40 +0000 |
| commit | 26e7948cccc416d73027f0087aeb2d5766e5d9ed (patch) | |
| tree | 0612fdfbd5134b679c9d3645b0ce24402b873738 | |
| parent | 1f8618e154baf180c5fba28c94160213b09e7237 (diff) | |
| download | pkgsrc-26e7948cccc416d73027f0087aeb2d5766e5d9ed.tar.gz | |
Pullup ticket #5164 - requested by taca
www/drupal7: security fix
Revisions pulled up:
- www/drupal7/Makefile 1.40-1.42
- www/drupal7/PLIST 1.15
- www/drupal7/distinfo 1.31-1.32
---
Module Name: pkgsrc
Committed By: wen
Date: Fri Oct 21 14:31:30 UTC 2016
Modified Files:
pkgsrc/www/drupal7: Makefile PLIST distinfo
Log Message:
Update to 7.51
Upstream changes:
Drupal 7.51, 2016-10-05
-----------------------
- The Update module now also checks for updates to a disabled theme that is
used as an admin theme.
- Exceptions thrown in dblog_watchdog() are now caught and ignored.
- Clarified the warning that appears when modules are missing or have moved.
- Log messages are now XSS filtered on display.
- Draggable tables now work on touch screen devices.
- Added a setting for allowing double underscores in CSS identifiers
(https://www.drupal.org/node/2810369).
- If a user navigates away from a page while an Ajax request is running they
will no longer get an error message saying "An Ajax HTTP request terminated
abnormally".
- The system_region_list() API function now takes an optional third parameter
which allows region name translations to be skipped when they are not needed
(API addition: https://www.drupal.org/node/2810365).
- Numerous performance improvements.
- Numerous bug fixes.
- Numerous API documentation improvements.
- Additional automated test coverage.
Drupal 7.50, 2016-07-07
-----------------------
- Added a new "administer fields" permission for trusted users, which is
required in addition to other permissions to use the field UI
(https://www.drupal.org/node/2483307).
- Added clickjacking protection to Drupal core by setting the X-Frame-Options
header to SAMEORIGIN by default (https://www.drupal.org/node/2735873).
- Added support for full UTF-8 (emojis, Asian symbols, mathematical symbols) on
MySQL and other database drivers when the site and database are configured to
allow it (https://www.drupal.org/node/2761183).
- Improved performance by avoiding a re-scan of directories when a file is
missing; instead, trigger a PHP warning (minor API change:
https://www.drupal.org/node/2581445).
- Made it possible to use any PHP callable in Ajax form callbacks, form API
form-building functions, and form API wrapper callbacks (API addition:
https://www.drupal.org/node/2761169).
- Fixed that following a password reset link while logged in leaves users unable
to change their password (minor user interface change:
https://www.drupal.org/node/2759023).
- Implemented various fixes for automated test failures on PHP 5.4+ and PHP 7.
Drupal core automated tests now pass in these environments.
- Improved support for PHP 7 by fixing various problems.
- Fixed various bugs with PHP 5.5+ imagerotate(), including when incorrect
color indices are passed in.
- Fixed a regression introduced in Drupal 7.43 that allowed files uploaded by
anonymous users to be lost after form validation errors, and that also caused
regressions with certain contributed modules.
- Fixed a regression introduced in Drupal 7.36 which caused the default value
of hidden textarea fields to be ignored.
- Fixed robots.txt to allow search engines to access CSS, JavaScript and image
files.
- Changed wording on the Update Manager settings page to clarify that the
option to check for disabled module updates also applies to uninstalled
modules (administrative-facing translatable string change).
- Changed the help text when editing menu links and configuring URL redirect
actions so that it does not reference "Drupal" or the drupal.org website
(administrative-facing translatable string change).
- Fixed the locale safety check that is used to ensure that translations are
safe to allow for tokens in the href/src attributes of translated strings.
- Fixed that URL generation only works on port 80 when using domain based
language negotation.
- Made method="get" forms work inside the administrative overlay. The fix adds
a new hidden field to these forms when they appear inside the overlay (minor
data structure change).
- Increased maxlength of menu link title input fields in the node form and
menu link form from 128 to 255 characters.
- Removed meaningless post-check=0 and pre-check=0 cache control headers from
Drupal HTTP responses.
- Added a .editorconfig file to auto-configure editors that support it.
- Added --directory option to run-tests.sh for easier test discovery of all
tests within a project.
- Made run-tests.sh exit with a failure code when there are test fails or
problems running the script.
- Fixed that cookies from previous tests are still present when a new test
starts in DrupalWebTestCase.
- Improved performance of queries on the {authmap} database table.
- Fixed handling of missing files and functions inside the registry.
- Fixed Ajax handling for tableselect form elements that use checkboxes.
- Fixed a bug which caused ip_address() to return nothing when the client IP
address and proxy IP address are the same.
- Added a new option to format_xml_elements() to allow for already encoded
values.
- Changed the {history} table's node ID field to be an unsigned integer, to
match the same field in the {node} table and to prevent errors with very
large node IDs.
- Added an explicit page callback to the "admin/people/create" menu item in the
User module (minor data structure change). Previously this automatically
inherited the page callback from the parent "admin/people" menu item, which
broke contributed modules that override the "admin/people" page.
- Numerous small bug fixes.
- Numerous API documentation improvements.
- Additional automated test coverage.
---
Module Name: pkgsrc
Committed By: wen
Date: Sat Oct 22 07:44:03 UTC 2016
Modified Files:
pkgsrc/www/drupal7: Makefile
Log Message:
Add missing php module.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 17 14:18:39 UTC 2016
Modified Files:
pkgsrc/www/drupal7: Makefile distinfo
Log Message:
Update drupal7 to 7.52 (Drupal 7.52), including security fix.
Drupal 7.52, 2016-11-16
-----------------------
- Fixed security issues (multiple vulnerabilities). See SA-CORE-2016-005.
| -rw-r--r-- | www/drupal7/Makefile | 9 | ||||
| -rw-r--r-- | www/drupal7/PLIST | 7 | ||||
| -rw-r--r-- | www/drupal7/distinfo | 10 |
3 files changed, 16 insertions, 10 deletions
diff --git a/www/drupal7/Makefile b/www/drupal7/Makefile index 881ccf5347d..9f3e81806bf 100644 --- a/www/drupal7/Makefile +++ b/www/drupal7/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.39 2016/06/16 23:20:16 taca Exp $ +# $NetBSD: Makefile,v 1.39.4.1 2016/12/04 15:18:40 bsiegert Exp $ -DISTNAME= drupal-7.44 +DISTNAME= drupal-7.52 PKGNAME= ${PHP_PKG_PREFIX}-${DISTNAME} CATEGORIES= www MASTER_SITES= http://ftp.drupal.org/files/projects/ @@ -10,8 +10,9 @@ HOMEPAGE= http://drupal.org/ COMMENT= Open source content management system LICENSE= gnu-gpl-v2 -DEPENDS+= ${PHP_PKG_PREFIX}-gd>=5.2.5:../../graphics/php-gd -DEPENDS+= ${PHP_PKG_PREFIX}-json>=5.2.5:../../textproc/php-json +DEPENDS+= ${PHP_PKG_PREFIX}-gd>=5.4.0:../../graphics/php-gd +DEPENDS+= ${PHP_PKG_PREFIX}-json>=5.4.0:../../textproc/php-json +DEPENDS+= ${PHP_PKG_PREFIX}-dom>=5.4.0:../../textproc/php-dom NO_BUILD= YES DRUPAL= share/drupal diff --git a/www/drupal7/PLIST b/www/drupal7/PLIST index 52b1f23574b..b82b1970fb4 100644 --- a/www/drupal7/PLIST +++ b/www/drupal7/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.14 2016/02/25 15:15:57 taca Exp $ +@comment $NetBSD: PLIST,v 1.14.6.1 2016/12/04 15:18:40 bsiegert Exp $ share/doc/drupal/CHANGELOG.txt share/doc/drupal/COPYRIGHT.txt share/doc/drupal/INSTALL.mysql.txt @@ -603,6 +603,7 @@ share/drupal/modules/simpletest/files/html-1.txt share/drupal/modules/simpletest/files/html-2.html share/drupal/modules/simpletest/files/image-1.png share/drupal/modules/simpletest/files/image-2.jpg +share/drupal/modules/simpletest/files/image-test-no-transparency.gif share/drupal/modules/simpletest/files/image-test-transparent-out-of-range.gif share/drupal/modules/simpletest/files/image-test.gif share/drupal/modules/simpletest/files/image-test.jpg @@ -742,6 +743,7 @@ share/drupal/modules/simpletest/tests/system_incompatible_module_version_test.mo share/drupal/modules/simpletest/tests/system_project_namespace_test.info share/drupal/modules/simpletest/tests/system_project_namespace_test.module share/drupal/modules/simpletest/tests/system_test.info +share/drupal/modules/simpletest/tests/system_test.install share/drupal/modules/simpletest/tests/system_test.module share/drupal/modules/simpletest/tests/tablesort.test share/drupal/modules/simpletest/tests/taxonomy_test.info @@ -917,6 +919,7 @@ share/drupal/modules/update/tests/drupal.0.xml share/drupal/modules/update/tests/drupal.1.xml share/drupal/modules/update/tests/drupal.2-sec.xml share/drupal/modules/update/tests/drupal.dev.xml +share/drupal/modules/update/tests/themes/update_test_admintheme/update_test_admintheme.info share/drupal/modules/update/tests/themes/update_test_basetheme/update_test_basetheme.info share/drupal/modules/update/tests/themes/update_test_subtheme/update_test_subtheme.info share/drupal/modules/update/tests/update_test.info @@ -1092,3 +1095,5 @@ share/drupal/update.php share/drupal/xmlrpc.php share/examples/drupal/default.settings.php share/examples/drupal/drupal.conf +@pkgdir share/drupal/sites +@pkgdir share/drupal/files diff --git a/www/drupal7/distinfo b/www/drupal7/distinfo index 555f7aac151..ea8c6832fe6 100644 --- a/www/drupal7/distinfo +++ b/www/drupal7/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.30 2016/06/16 23:20:16 taca Exp $ +$NetBSD: distinfo,v 1.30.4.1 2016/12/04 15:18:40 bsiegert Exp $ -SHA1 (drupal-7.44.tar.gz) = efeb199a01b785ec4362b4c9488981ef5fc49b61 -RMD160 (drupal-7.44.tar.gz) = 0e9c095d4c255937293e816a214fbc0cd034bc21 -SHA512 (drupal-7.44.tar.gz) = 67d358c85259b7722824f214be177c40819c7e0c06c8ec7511b7f87ecff1ab6622af62fc5769b62682e0e67f718743afa6b0a9e4c55e2348a1b408eeb566c3e9 -Size (drupal-7.44.tar.gz) = 3265819 bytes +SHA1 (drupal-7.52.tar.gz) = fceb7a2891e870eae1a027d7f06028aa24dc58b2 +RMD160 (drupal-7.52.tar.gz) = c58b7c789e5853842d260065e2fb27cf4809dcf9 +SHA512 (drupal-7.52.tar.gz) = 4fd2721b87d7e160ccf202894c5ec11e836796be6dce3fbfe187eea826175822677c26079a3dae4567e0615e8f376a88c07a8979b619bb4ac1096c8ea5c8f802 +Size (drupal-7.52.tar.gz) = 3289714 bytes |