From 63b6e0d597d425e0a23bb1c9a3df9dc90330313a Mon Sep 17 00:00:00 2001 From: spz Date: Sun, 12 Jan 2014 22:22:25 +0000 Subject: update to version 5.0.3: This release fixes a security vulnerability in Roller, listed below: CVE-2014-0030 Apache Roller XML-RPC susceptible to XML Entended Entity attacks --- www/apache-roller/Makefile | 4 ++-- www/apache-roller/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/www/apache-roller/Makefile b/www/apache-roller/Makefile index 167d3579181..e228c986cde 100644 --- a/www/apache-roller/Makefile +++ b/www/apache-roller/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.11 2013/11/08 20:45:28 spz Exp $ +# $NetBSD: Makefile,v 1.12 2014/01/12 22:22:25 spz Exp $ # DISTNAME= roller-weblogger-${ROLLER_VER}-for-tomcat @@ -15,7 +15,7 @@ BUILD_DEPENDS+= fastjar-[0-9]*:../../archivers/fastjar USE_JAVA= run USE_JAVA2= 1.5 -ROLLER_VER= 5.0.2 +ROLLER_VER= 5.0.3 PLIST_SUBST+= PKGNAME_NOREV=${PKGNAME_NOREV:Q} diff --git a/www/apache-roller/distinfo b/www/apache-roller/distinfo index d9ea34bb36e..ff082d84139 100644 --- a/www/apache-roller/distinfo +++ b/www/apache-roller/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.4 2013/11/08 20:45:28 spz Exp $ +$NetBSD: distinfo,v 1.5 2014/01/12 22:22:25 spz Exp $ -SHA1 (roller-weblogger-5.0.2-for-tomcat.tar.gz) = d96cf137d7c0765391e4040782b11fa79b72a369 -RMD160 (roller-weblogger-5.0.2-for-tomcat.tar.gz) = 54375de7b2cdb81ab47602807f0b0c90f827253d -Size (roller-weblogger-5.0.2-for-tomcat.tar.gz) = 31620009 bytes +SHA1 (roller-weblogger-5.0.3-for-tomcat.tar.gz) = d2a10293c9665b6a2864447b58f883b348be3144 +RMD160 (roller-weblogger-5.0.3-for-tomcat.tar.gz) = 4884520ebf953539629854b3afd545e24c60744e +Size (roller-weblogger-5.0.3-for-tomcat.tar.gz) = 31622161 bytes -- cgit v1.2.3