diff options
| author | taca <taca> | 2009-10-22 14:53:09 +0000 |
|---|---|---|
| committer | taca <taca> | 2009-10-22 14:53:09 +0000 |
| commit | 0f0c701a4583beb65226a75c15dfc8094c9dd92a (patch) | |
| tree | 90983870343029905d167779633c447826b09211 /www | |
| parent | 96c3bde7421d2b6823d10e2c9b95858fbea1a06f (diff) | |
| download | pkgsrc-0f0c701a4583beb65226a75c15dfc8094c9dd92a.tar.gz | |
Update www/typo3 package to 4.2.10. It fixes multiple security issues
found in TYPO3 core.
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/
2009-10-22 Oliver Hader <oliver@typo3.org>
* Release of TYPO3 4.2.10
2009-10-22 Ernesto Baschny <ernst@cron-it.de>
* Security Issue #11664: Updated RemoveXSS code to the latest knowledge in this area (thanks to Jigal van Hemert)
* Fixed bug #11586: Potential SQL injection in frontend editing (thanks to Oliver Klee)
* Fixed bug #12309: It was possible to gain access to the Install Tool by only knowing the md5 hash of the password.
* Fixed bug #12310: Encryption key can be recalculated when using normal mailform when [FE][strictFormmail] == 0 (thanks to Oliver Klee)
* Fixed bug #12090: Filenames should be escaped with escapeshellarg before passing them to imagemagick (thanks to Oliver Klee)
* Fixed bug #12303: XSS vulnerability due to not proper sanitizing in function t3lib_div::quoteJSvalue (thanks to Oliver Klee)
* Fixed bug #12304: Frame inclusion in the backend through alt_mod_frameset (thanks to Oliver Klee)
* Fixed bug #12305: XSS vulnerability in view_help.php / tfID parameter (thanks to Oliver Klee)
* Fixed bug #12306: XSS vulnerability in module dispatcher
* Fixed bug #12307: XSS vulnerability in alt_palette (thanks to Oliver Klee)
* Fixed bug #12308: XSS vulnerability in "DB > Full search" functionality
* Fixed bug #10501: XSS vulnerability in the install tool (thanks to Oliver Klee)
2009-10-21 Rupert Germann <rupi@gmx.li>
* Fixed bug #12280: Error Message while creating empty Folders (thanks to Daniel Schmitzer)
* Fixed bug #12300 (Follow-up to 11995): Output compression breaks prompt for keyboard input in CLI scripts
2009-10-21 Steffen Kamper <info@sk-typo3.de>
* Fixed bug #12272: Steps disregarded in t3lib_lock (thanks to Dan Osipov)
2009-10-15 Rupert Germann <rupi@gmx.li>
* Fixed bug #8728: PHP Warning, if SQL error occurs in class t3lib_db in functions which depend on an existing resultset (thanks to Felix Oertel)
2009-10-11 Rupert Germann <rupi@gmx.li>
* Fixed bug #10971: Fatal error in impexp module: Call to a member function includeLLFile() on a non-object (thanks to Andre Steiling)
2009-10-10 Rupert Germann <rupi@gmx.li>
* Fixed bug #12129 (follow-up to bug #11986): Translation update broken with activated output compression (thanks to Steffen Gebert)
2009-09-29 Oliver Hader <oliver@typo3.org>
* Fixed bug #11433: touch(): Utime failed in install tool (thanks to Steffen Gebert)
Diffstat (limited to 'www')
| -rw-r--r-- | www/typo3/Makefile | 4 | ||||
| -rw-r--r-- | www/typo3/PLIST | 3 | ||||
| -rw-r--r-- | www/typo3/distinfo | 14 |
3 files changed, 11 insertions, 10 deletions
diff --git a/www/typo3/Makefile b/www/typo3/Makefile index 7c27be95027..33f7fd66d21 100644 --- a/www/typo3/Makefile +++ b/www/typo3/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.15 2009/09/29 13:36:58 taca Exp $ +# $NetBSD: Makefile,v 1.16 2009/10/22 14:53:09 taca Exp $ # DISTNAME= ${TYPO3NAME} @@ -17,7 +17,7 @@ DEPENDS+= ${PHP_PKG_PREFIX}-zlib>=5.2.0:../../archivers/php-zlib/ PKG_DESTDIR_SUPPORT= destdir -VER= 4.2.9 +VER= 4.2.10 NO_BUILD= yes USE_TOOLS= pax diff --git a/www/typo3/PLIST b/www/typo3/PLIST index 24b5d97994a..ab69f295b18 100644 --- a/www/typo3/PLIST +++ b/www/typo3/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.7 2009/07/06 15:15:44 taca Exp $ +@comment $NetBSD: PLIST,v 1.8 2009/10/22 14:53:09 taca Exp $ ${EGDIR}/localconf.php ${TYPO3DIR}/${TYPO3NAME}/ChangeLog ${TYPO3DIR}/${TYPO3NAME}/GPL.txt @@ -2050,6 +2050,7 @@ ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/imgs/pdf_from_imagemagick.pdf ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/imgs/typo3logotype.ai ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/class.tx_install.php ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/class.tx_install_eid.php +${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/class.tx_install_session.php ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/clear.gif ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/conf.php ${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/install.gif diff --git a/www/typo3/distinfo b/www/typo3/distinfo index c0af0fe4dbe..807ebb0901b 100644 --- a/www/typo3/distinfo +++ b/www/typo3/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.9 2009/09/29 13:36:58 taca Exp $ +$NetBSD: distinfo,v 1.10 2009/10/22 14:53:09 taca Exp $ -SHA1 (dummy-4.2.9.tar.gz) = 7cbf005ea91a4b94e7f12aeb7d3b1b99574a2252 -RMD160 (dummy-4.2.9.tar.gz) = 50c4623d135dbd79d972ade992d8b3b5b5565711 -Size (dummy-4.2.9.tar.gz) = 9378 bytes -SHA1 (typo3_src-4.2.9.tar.gz) = f6be5d1034ed0d0f10dd3b295423b6b67a26340b -RMD160 (typo3_src-4.2.9.tar.gz) = b90d66945c8098074bd077b1db878d6fa4c00ca1 -Size (typo3_src-4.2.9.tar.gz) = 8147838 bytes +SHA1 (dummy-4.2.10.tar.gz) = af13dd4d419c9067c7bf3c602fe6a34b6b69ce51 +RMD160 (dummy-4.2.10.tar.gz) = 7da79972fe392cbe7c3a7fd6cd4b0704fe487b42 +Size (dummy-4.2.10.tar.gz) = 9381 bytes +SHA1 (typo3_src-4.2.10.tar.gz) = ba6fa68267bf924df2f3ddfffee7dac4fc51f800 +RMD160 (typo3_src-4.2.10.tar.gz) = 1fc914e72930b995aeabad9529c7b2177969f322 +Size (typo3_src-4.2.10.tar.gz) = 8155862 bytes SHA1 (patch-aa) = 12dc31e5d1b03f38c4957a08a5451da667d58214 |