Update sympa to 5.4.4. Bug fixes (including SQL injestion and privilege

escalation vulnerabilities) and updated translations: * Sympa was not fully compliant to the RFC 2616, leading for example to possible unwanted list deletion by administrators using prefetching tools. This was fixed by replacing all the threatening GET requests by POST requests; * Use of sprint() function for creating SQL queries lead to possible SQL injection through cookie manipulation; * The use of files in /tmp lead to vulnerabilities.
author: bouyer <bouyer> 2008-12-20 19:02:12 +0000
committer: bouyer <bouyer> 2008-12-20 19:02:12 +0000
commit: 0b15ea8090cf8478bc40cfcc5480cd9ab2b08d3a (patch)
tree: b1a663573d7a0b876936ac040c0c36f99bfd84e6 /mail/sympa/PLIST
parent: 4e091cfbed070f8fb55030c57f43a964a66840a8 (diff)
download: pkgsrc-0b15ea8090cf8478bc40cfcc5480cd9ab2b08d3a.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/mail/sympa/PLIST b/mail/sympa/PLIST
index a1da9f3048b..08af1063e44 100644
--- a/mail/sympa/PLIST
+++ b/mail/sympa/PLIST
@@ -1,10 +1,9 @@
-@comment $NetBSD: PLIST,v 1.6 2008/11/09 16:15:47 bouyer Exp $
+@comment $NetBSD: PLIST,v 1.7 2008/12/20 19:02:12 bouyer Exp $
 man/man8/alias_manager.8
 man/man8/archived.8
 man/man8/bounced.8
 man/man8/sympa.8
 share/doc/sympa/NEWS
-share/doc/sympa/sympa.pdf
 share/examples/sympa/README
 share/examples/sympa/employees.ldap
 share/examples/sympa/robot.conf
author	bouyer <bouyer>	2008-12-20 19:02:12 +0000
committer	bouyer <bouyer>	2008-12-20 19:02:12 +0000
commit	0b15ea8090cf8478bc40cfcc5480cd9ab2b08d3a (patch)
tree	b1a663573d7a0b876936ac040c0c36f99bfd84e6 /mail/sympa/PLIST
parent	4e091cfbed070f8fb55030c57f43a964a66840a8 (diff)
download	pkgsrc-0b15ea8090cf8478bc40cfcc5480cd9ab2b08d3a.tar.gz