summaryrefslogtreecommitdiff
path: root/devel/mantis
AgeCommit message (Collapse)AuthorFilesLines
2006-06-02Rename all PHP 4 packages to php4-*, all PHP 5 packages to php5-*,joerg1-4/+5
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or ap2-* respectively. Add new variables to simplify the Makefile handling. Add CONFLICTS on the old names. Reset revisions of bumped packages. ap-php will now depend on the default Apache and PHP version. All programs using it have an implicit option of the Apache version as well. OK from jlam@ and adrianp@.
2006-05-28Update to 1.0.3adrianp4-12/+12
> - 7037: [security] Port: Login with disabled account possible (vboctor) > - 7034: [bugtracker] Port: bug in string_sanitize_url() (vboctor) > - 7028: [db mssql] Port: "Prune Accounts" function doesn't work with MS SQL (vboctor) > - 7029: [db mssql] Port: MS SQL Error on View Filters Page (vboctor) > - 7030: [db mssql] Port: installtion fails - administrator have no rights on db (vboctor) > - 7032: [db mssql] Port: Error on opening Change Log (vboctor) > - 7039: [db mssql] Notice: Only variables should be assigned by reference in coreadodbadodb.inc.php on line 2931 (vboctor) > - 7035: [feature] Port: Global Profiles list not sorted (vboctor) > - 7038: [filters] Port: SYSTEM WARNING: Argument 1 to array_multisort() is expected to be an array or a sort flag (vboctor) > - 7031: [installation] Port: is_writable never success in install.php (vboctor) > - 7041: [installation] Port: newbie admins may be redirected to blank page (vboctor) > - 7033: [printing] Port: wrong strpos function call (vboctor) > - 7027: [upgrade] Port: fixed_in_version is renamed to Fixed_in_version during database migration (vboctor)
2006-05-01Update to 1.0.2adrianp3-35/+7
> 2006.04.18 - 1.0.2 > - 0006902: [security] XSS in mantis bug track system .... (thraxisp) > - 0006859: [bugtracker] Can send reminders to all recipients (thraxisp) > > 2006.02.18 - 1.0.1 > - 0006722: [installation] Remaining mysqli_ install problems (ref. #0006672): my sqli_real_escape_string() expects parameter 1 to be link (thraxisp) > - 0006672: [installation] install.php assumes mysql extension, fails with mysqli extension (thraxisp) > - 0006668: [filters] Parse error while saving new filter: Call to undefined function: string_strip_tags() (thraxisp) > > 2006.02.04 - 1.0.0 > - 0006044: [security] 'Return' _GET is not checked (thraxisp) > - 0006650: [security] ADOdb can be exploited to execute arbitrary SQL code (vboctor) > - 0006659: [security] Cross site scripting vulnerability (thraxisp) > - 0006634: [filters] Filter does not work with profiles (vboctor)
2006-04-22Removed the superfluous "quotes" and 'quotes' from variables that don'trillig1-2/+2
need them, for example RESTRICTED and SUBST_MESSAGE.*.
2006-02-05Recursive revision bump / recommended bump for gettext ABI change.joerg1-2/+2
2006-01-24Bump BUILDLINK_RECOMMENDED of textproc/expat to 2.0.0 becausewiz1-1/+2
of the shlib major bump. PKGREVISION++ for the dependencies.
2006-01-17Update to 1.0.0rc5adrianp2-8/+7
0006509: [security] Port: Additional XSS Vulnerabilities in Filter (thraxisp) 0006557: [security] XSS Vulnerability in manage_user (TKADV2005-11-002) (thraxisp) 0006563: [security] Port XSS Vulnerability in project documents (TKADV2005-11-02) (thraxisp) 0006569: [security] XSS Vulnerability in saved queries (TKADV2005-11-002) (thraxisp) 0006594: [bugtracker] config_flush_cache does not work correctly (thraxisp) 0006585: [documentation] don't see the documentation (thraxisp) 0006501: [filters] Categories can't be selected for filter-setting (thraxisp)
2006-01-09Bump to nb1 for adodb security issue (adodb is included with mantis)adrianp2-3/+8
Use included files/mantis.conf to block apache access to core/adodb
2006-01-08Bump PKGREVISION due to mysql.buildlink3.mk changes (default mysqlxtraeme1-1/+2
pkg has been changed to 5.x). Reminded by wiz... thanks.
2005-12-29Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mkjlam1-2/+1
automatically detects whether we want the pkginstall machinery to be used by the package Makefile.
2005-12-21Update mantis from 1.0.0rc3 to 1.0.0rc4adrianp2-6/+6
From the ChangeLog: - 0006421: [security] Private bugs show up in public RSS feed (vboctor) - 0006458: [security] Port #6457: SQL Injection in manage user page (TKADV2005-11-002) (vboctor) - 0006461: [security] Port #6460: HTTP Header CRLF Injection (TKADV2005-11-002) (vboctor) - 0006485: [security] XSS Vulnerability in filters (TKADV2005-11-002) (thraxisp) - 0006489: [security] Port Injection Vulnerabilities in Filters (TKADV2005-11-002) (thraxisp) - 0006492: [security] Port #6453: Make note private has no effect when resolving bug (thraxisp) - 0006432: [bugtracker] error processing does not work! (jlatour) - 0006379: [filters] Filter returns private issues when it should not (thraxisp) - 0006254: [localization] strings_korean_utf8.txt has UTF-8 byte-order marker (ryandesign) - 0006268: [localization] strings_chinese_simplified_utf8.txt has UTF-8 byte-order marker (ryandesign) - 0006304: [localization] [PATCH] Major overhaul of strings_dutch.txt (jlatour) - 0006358: [localization] Updated Dutch localization (Wanderer) - 0006474: [localization] Calls to htmlspecialchars should take into account the current charset (jlatour)
2005-12-05Fixed pkglint warnings. The warnings are mostly quoting issues, forrillig1-2/+2
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some other changes are outlined in http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
2005-11-03Update to 1.0.0rc3 (from 1.0.0rc2)adrianp2-7/+6
From the Changelog: - 0006273: [security] File Inclusion Vulnerability (vboctor) - 0006275: [security] SQL injection (vboctor) - 0006234: [filters] Filter sometimes returns no results (thraxisp) - 0006295: [filters] Old filters and view_state problems. (thraxisp) - 0006288: [filters] Patch against CVS HEAD for Saved filter problem with view_state (thraxisp) - 0006296: [filters] Filter sql includes unnecessary links to custom_field_string_table for date custom fields (thraxisp) - 0006297: [filters] sorting on custom field, bring MySQL to deadlock loop (thraxisp)
2005-10-23Sorted PLIST.rillig1-196/+196
2005-09-28Removed trailing white-space.rillig1-3/+3
2005-09-22Fix build on 1.6.xadrianp1-16/+17
Fix ${INSTALL} typo in Makefile which caused the files to be installed with the wrong permissions Bump to nb1
2005-09-19Update mantis to 1.0.0rc2adrianp4-215/+329
Many updates and bugfixes including security updates - upgrade is recommended For a full list of changes: http://www.mantisbt.org/changelog.php
2005-06-10- Fix PLIST problems pointed out by wiz@ on bulk-buildsadrianp2-8/+3
- Bump to nb4
2005-06-06- Fix incomplete PLISTadrianp2-5/+8
- Relax restrictions for PHP and mySQL requirements - all versions should work OK - this should fix the bulk-builds failures. - Bump to nb3
2005-05-23Removed trailing white-space.rillig1-7/+7
2005-04-25Prefer mysql version 40 over version 30 (because version 30 has beenkristerw1-3/+3
removed from pkgsrc). Bump PKGREVISION.
2005-04-11Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.tv1-2/+1
2005-02-23Add RMD160 digests.agc1-1/+2
2004-12-28- Simplify the package by removing various BUILD_DEFS that are not requiredadrianp2-20/+10
- Fix CONF_FILES handling
2004-12-05Fix mantis.conf path. PR#28497 by Wouter Schoot.cube1-2/+2
2004-11-08- Fix missing BUILD_DEF rename from initial importadrianp1-2/+2
2004-11-08Mantis is a web-based bugtracking system. It is written in the PHP scriptingadrianp6-0/+607
language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Almost any web browser should be able to function as a client. It is released under the terms of the GNU General Public License (GPL). Mantis is free to use and modify. It is free to redistribute as long as you abide by the distribution terms of the GPL.