diff options
| author | bouyer <bouyer@pkgsrc.org> | 2008-12-20 19:02:12 +0000 |
|---|---|---|
| committer | bouyer <bouyer@pkgsrc.org> | 2008-12-20 19:02:12 +0000 |
| commit | c6ff149b09958720d86afd549a9e439df3173c59 (patch) | |
| tree | b1a663573d7a0b876936ac040c0c36f99bfd84e6 /mail/sympa | |
| parent | 1cef639b3d0809e989ae8dbacb6c5969c2df38ae (diff) | |
| download | pkgsrc-c6ff149b09958720d86afd549a9e439df3173c59.tar.gz | |
Update sympa to 5.4.4. Bug fixes (including SQL injestion and privilege
escalation vulnerabilities) and updated translations:
* Sympa was not fully compliant to the RFC 2616, leading for example
to possible unwanted list deletion by administrators using prefetching
tools. This was fixed by replacing all the threatening GET requests
by POST requests;
* Use of sprint() function for creating SQL queries lead to possible
SQL injection through cookie manipulation;
* The use of files in /tmp lead to vulnerabilities.
Diffstat (limited to 'mail/sympa')
| -rw-r--r-- | mail/sympa/Makefile | 4 | ||||
| -rw-r--r-- | mail/sympa/PLIST | 3 | ||||
| -rw-r--r-- | mail/sympa/distinfo | 8 |
3 files changed, 7 insertions, 8 deletions
diff --git a/mail/sympa/Makefile b/mail/sympa/Makefile index 723e1450af5..7fa4962afcc 100644 --- a/mail/sympa/Makefile +++ b/mail/sympa/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.37 2008/12/14 19:06:38 hasso Exp $ +# $NetBSD: Makefile,v 1.38 2008/12/20 19:02:12 bouyer Exp $ # -DISTNAME= sympa-5.4.3 +DISTNAME= sympa-5.4.4 CATEGORIES= mail MASTER_SITES= http://www.sympa.org/distribution/ \ http://www.sympa.org/distribution/old/ diff --git a/mail/sympa/PLIST b/mail/sympa/PLIST index a1da9f3048b..08af1063e44 100644 --- a/mail/sympa/PLIST +++ b/mail/sympa/PLIST @@ -1,10 +1,9 @@ -@comment $NetBSD: PLIST,v 1.6 2008/11/09 16:15:47 bouyer Exp $ +@comment $NetBSD: PLIST,v 1.7 2008/12/20 19:02:12 bouyer Exp $ man/man8/alias_manager.8 man/man8/archived.8 man/man8/bounced.8 man/man8/sympa.8 share/doc/sympa/NEWS -share/doc/sympa/sympa.pdf share/examples/sympa/README share/examples/sympa/employees.ldap share/examples/sympa/robot.conf diff --git a/mail/sympa/distinfo b/mail/sympa/distinfo index 75d072265b2..31272c3709a 100644 --- a/mail/sympa/distinfo +++ b/mail/sympa/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.10 2008/11/09 16:15:47 bouyer Exp $ +$NetBSD: distinfo,v 1.11 2008/12/20 19:02:12 bouyer Exp $ -SHA1 (sympa-5.4.3.tar.gz) = 0ca96daedb8a06782b65a6d91fe9ff56b3aa34fa -RMD160 (sympa-5.4.3.tar.gz) = 899a7e6d7d59986379a6a0a4794f1fb671006695 -Size (sympa-5.4.3.tar.gz) = 5561253 bytes +SHA1 (sympa-5.4.4.tar.gz) = 673d3a031ef2718ed234ce0814ad1d0083883919 +RMD160 (sympa-5.4.4.tar.gz) = fb0b61ac3a56981ac7f44a1863504be937e4f4b5 +Size (sympa-5.4.4.tar.gz) = 6523229 bytes SHA1 (patch-aa) = 8db2096214d667d5bada0ffb97994be9e0891547 SHA1 (patch-ab) = 404ce642a733ef7922f58613c56f449f75641a9a SHA1 (patch-ac) = 77802bab188da024c18810c07bf62064b28e3af1 |