ports/61903: security update of www/gallery port
Alex Varju
varju at webct.com
Sun Jan 25 19:40:28 UTC 2004
>Number: 61903
>Category: ports
>Synopsis: security update of www/gallery port
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sun Jan 25 11:40:08 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Alex Varju
>Release: FreeBSD 5.2-RELEASE i386
>Organization:
WebCT
>Environment:
System: FreeBSD snapple.webct.com 5.2-RELEASE FreeBSD 5.2-RELEASE #10: Fri Jan 16 17:24:29 PST 2004 varju at snapple.webct.com:/usr/obj/usr/src/sys/SNAPPLE i386
>Description:
A security advisory has been issued for Gallery version 1.4.1. This updates
the port to version 1.4.1-pl1.
>How-To-Repeat:
>Fix:
Index: ports/www/gallery/Makefile
===================================================================
RCS file: /home/freebsd/cvsroot/ports/www/gallery/Makefile,v
retrieving revision 1.21
diff -u -r1.21 Makefile
--- ports/www/gallery/Makefile 13 Jan 2004 12:53:54 -0000 1.21
+++ ports/www/gallery/Makefile 25 Jan 2004 19:32:24 -0000
@@ -6,10 +6,11 @@
#
PORTNAME= gallery
-PORTVERSION= 1.4.1
+PORTVERSION= 1.4.1.1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
+DISTNAME= ${PORTNAME}-${PORTVERSION:S/.1$/-pl1/}
DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${LANGPACKS}
DIST_SUBDIR= gallery
@@ -20,37 +21,38 @@
jhead:${PORTSDIR}/graphics/jhead \
unzip:${PORTSDIR}/archivers/unzip
-LANGPACKS= af_ZA-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- bg_BG-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- cs_CZ.cp1250-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- da_DK-pack-${PORTVERSION}${EXTRACT_SUFX} \
- de_DE-pack-${PORTVERSION}-u2${EXTRACT_SUFX} \
- de_DE.du-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- en_GB-pack-${PORTVERSION}${EXTRACT_SUFX} \
- es_ES-pack-${PORTVERSION}-u2${EXTRACT_SUFX} \
- fi_FI-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- fr_FR-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- he_IL-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- hu_HU-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- is_IS-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- it_IT-pack-${PORTVERSION}${EXTRACT_SUFX} \
- ja_JP-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- ko_KR-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- lt_LT-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- nl_NL-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- no_NO-pack-${PORTVERSION}${EXTRACT_SUFX} \
- pl_PL-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- pt_BR-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- pt_PT-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- ru_RU.koi8r-pack-${PORTVERSION}${EXTRACT_SUFX} \
- sl_SI-pack-${PORTVERSION}${EXTRACT_SUFX} \
- sv_SE-pack-${PORTVERSION}-u2${EXTRACT_SUFX} \
- tr_TR-pack-${PORTVERSION}${EXTRACT_SUFX} \
- uk_UA-pack-${PORTVERSION}${EXTRACT_SUFX} \
- vi_VN-pack-${PORTVERSION}-u2${EXTRACT_SUFX} \
- zh_CN-pack-${PORTVERSION}${EXTRACT_SUFX} \
- zh_TW-pack-${PORTVERSION}-u1${EXTRACT_SUFX} \
- zh_TW.utf8-pack-${PORTVERSION}${EXTRACT_SUFX}
+LANGVERSION= 1.4.1
+LANGPACKS= af_ZA-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ bg_BG-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ cs_CZ.cp1250-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ da_DK-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ de_DE-pack-${LANGVERSION}-u2${EXTRACT_SUFX} \
+ de_DE.du-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ en_GB-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ es_ES-pack-${LANGVERSION}-u2${EXTRACT_SUFX} \
+ fi_FI-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ fr_FR-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ he_IL-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ hu_HU-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ is_IS-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ it_IT-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ ja_JP-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ ko_KR-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ lt_LT-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ nl_NL-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ no_NO-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ pl_PL-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ pt_BR-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ pt_PT-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ ru_RU.koi8r-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ sl_SI-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ sv_SE-pack-${LANGVERSION}-u2${EXTRACT_SUFX} \
+ tr_TR-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ uk_UA-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ vi_VN-pack-${LANGVERSION}-u2${EXTRACT_SUFX} \
+ zh_CN-pack-${LANGVERSION}${EXTRACT_SUFX} \
+ zh_TW-pack-${LANGVERSION}-u1${EXTRACT_SUFX} \
+ zh_TW.utf8-pack-${LANGVERSION}${EXTRACT_SUFX}
WANT_PHP_WEB= yes
@@ -59,7 +61,7 @@
PKGMESSAGE= ${WRKDIR}/pkg-message
DOCFILES= AUTHORS ChangeLog README RELEASE_NOTES
EXCEPTFILES= ${DOCFILES} LICENSE.txt
-CPIO= cpio --quiet -pdum -R
+CPIOARGS= --quiet -pdum -R
PLIST_SUB= GALLERYDIR=${GALLERYDIR}
.include <bsd.port.pre.mk>
@@ -83,8 +85,8 @@
do-extract:
@ ${MKDIR} ${WRKDIR}
@ cd ${WRKDIR} && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${DISTNAME}${EXTRACT_SUFX} ${EXTRACT_AFTER_ARGS}
- @ for file in ${LANGPACKS}; do \
- if ! (cd ${WRKDIR}/gallery/locale && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/$$file ${EXTRACT_AFTER_ARGS});\
+ @ for i in ${LANGPACKS}; do \
+ if ! (cd ${WRKDIR}/gallery/locale && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/$$i ${EXTRACT_AFTER_ARGS});\
then \
exit 1; \
fi \
@@ -93,7 +95,7 @@
do-install:
@ ${MKDIR} -m 0755 ${PREFIX}/${GALLERYDIR}
@ cd ${WRKSRC} && ${FIND} * -name \*.bat -o -name \*.orig -o -name \*Changelog ${EXCEPTFILES:S/^/-o -name /} \
- -o -print | ${CPIO} ${WWWOWN}:${WWWGRP} ${PREFIX}/${GALLERYDIR}
+ -o -print | ${CPIO} ${CPIOARGS} ${WWWOWN}:${WWWGRP} ${PREFIX}/${GALLERYDIR}
post-install:
.if !defined(NOPORTDOCS)
Index: ports/www/gallery/distinfo
===================================================================
RCS file: /home/freebsd/cvsroot/ports/www/gallery/distinfo,v
retrieving revision 1.13
diff -u -r1.13 distinfo
--- ports/www/gallery/distinfo 13 Jan 2004 12:53:54 -0000 1.13
+++ ports/www/gallery/distinfo 25 Jan 2004 19:24:21 -0000
@@ -1,4 +1,4 @@
-MD5 (gallery/gallery-1.4.1.tar.gz) = 7152ba06c6c879695cefd260acfd9b8f
+MD5 (gallery/gallery-1.4.1-pl1.tar.gz) = be41eceb5a5d3c545c72a35c3a4876c2
MD5 (gallery/af_ZA-pack-1.4.1-u1.tar.gz) = 3e39752633f68280ede7673a20fa295f
MD5 (gallery/bg_BG-pack-1.4.1-u1.tar.gz) = b5be2721c6f1f21b8da6d59aa8bbc1ff
MD5 (gallery/cs_CZ.cp1250-pack-1.4.1-u1.tar.gz) = 2c0c201f1d48dae7b5a9cb33bfa48cad
Index: ports/www/gallery/files/patch-manifest.inc
===================================================================
RCS file: /home/freebsd/cvsroot/ports/www/gallery/files/patch-manifest.inc,v
retrieving revision 1.1
diff -u -r1.1 patch-manifest.inc
--- ports/www/gallery/files/patch-manifest.inc 13 Jan 2004 12:53:54 -0000 1.1
+++ ports/www/gallery/files/patch-manifest.inc 25 Jan 2004 19:26:02 -0000
@@ -1,13 +1,13 @@
---- manifest.inc.orig Wed Nov 26 08:06:54 2003
-+++ manifest.inc Mon Jan 12 18:08:37 2004
+--- manifest.inc.orig Sat Jan 24 22:45:58 2004
++++ manifest.inc Sun Jan 25 11:25:43 2004
@@ -28,9 +28,6 @@
*/
$versions=array();
-$versions['AUTHORS']='1.16';
-$versions['LICENSE.txt']='1.2';
--$versions['README']='1.28';
- $versions['Version.php']='1.496.2.38';
+-$versions['README']='1.28.6.1';
+ $versions['Version.php']='1.496.2.40';
$versions['add_comment.php']='1.26.2.1';
$versions['add_photo.php']='1.18';
@@ -39,7 +36,6 @@
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list