ports/83840: update ports: www/tdiary
Fumihiko Kimura
jfkimura at yahoo.co.jp
Thu Jul 21 09:20:26 UTC 2005
>Number: 83840
>Category: ports
>Synopsis: update ports: www/tdiary
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 21 09:20:23 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Fumihiko Kimura
>Release: FreeBSD 4.11-RELEASE i386
>Organization:
>Environment:
>Description:
- Security (against CSRF attack) update to 2.0.2
(JP Vendor Status Notes) JVN#60776919
(http://jvn.jp/jp/JVN%2360776919/index.html
http://www.ipa.go.jp/security/vuln/documents/2005/JVN_60776919_tdiary.html)
Cross-site request forgery (CSRF) vulnerability in tDiary versions 2.1.1, 2.0.1 and before.
>How-To-Repeat:
>Fix:
=== begin cut here ===
diff -urN tdiary.orig/Makefile tdiary/Makefile
--- tdiary.orig/Makefile Wed Apr 13 23:34:48 2005
+++ tdiary/Makefile Thu Jul 21 17:07:32 2005
@@ -6,10 +6,9 @@
#
PORTNAME= tdiary
-PORTVERSION= 2.0.1
+PORTVERSION= 2.0.2
CATEGORIES?= www ruby
-MASTER_SITES= \
- ${MASTER_SITE_SOURCEFORGE} \
+MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} \
http://www.tdiary.org/download/
MASTER_SITE_SUBDIR= ${PORTNAME}
DISTNAME= ${PORTNAME}-full-${PORTVERSION}
@@ -17,10 +16,11 @@
MAINTAINER= jfkimura at yahoo.co.jp
COMMENT= A Web-based diary system (like weblog) written in Ruby
-NO_BUILD= yes
-CONFLICTS?= ja-tdiary-*
-PKGMESSAGE= ${WRKDIR}/pkg-message
-USE_RUBY= yes
+NO_BUILD= yes
+CONFLICTS?= ja-tdiary-[0-9]*
+PKGMESSAGE= ${WRKDIR}/pkg-message
+USE_RUBY= yes
+
.if !defined(WITHOUT_RUBY_FEATURES)
USE_RUBY_FEATURES= fileutils
.endif
@@ -29,18 +29,30 @@
misc/plugin/windex.rb \
misc/plugin/trackback/tb.rb misc/style/etdiary/etdiary_test.rb
+PLIST_FILES= ${TDIARYDIR:S|${LOCALBASE}/||}/tdiaryinst.rb
TDIARYDIR= ${EXAMPLESDIR}
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
+
+#TDIARY_LANG ja:Japanese en:English zh:Traditional-Chinese
+
.if !defined(TDIARY_LANG)
-TDIARY_LANG= tdiary.conf-en
+TDIARY_LANG= en
+.else
+.if ${TDIARY_LANG} == "tdiary.conf-ja"
+TDIARY_LANG= ja
+.endif
.endif
-
.if defined(WITH_TDIARY_UCONV)
RUN_DEPENDS+= ${RUBY_SITEARCHLIBDIR}/uconv.so:${PORTSDIR}/japanese/ruby-uconv
.endif
.if defined(WITH_TDIARY_NORA)
RUN_DEPENDS+= ${RUBY_SITEARCHLIBDIR}/web/escape_ext.so:${PORTSDIR}/www/ruby-nora
.endif
+.include <bsd.port.pre.mk>
+
+.if ${RUBY_VERSION_CODE} < 163
+IGNORE= Needs ruby 1.6.3 or higher, check ruby's version and try again
+.endif
do-install:
@-${MKDIR} ${TDIARYDIR}
@@ -48,12 +60,11 @@
-e 's,@@@@LANG@@@@,${TDIARY_LANG},g' \
${FILESDIR}/tdiaryinst.rb.in > ${TDIARYDIR}/tdiaryinst.rb
@${CP} -pR ${WRKSRC}/ ${TDIARYDIR}
-.if ${TDIARY_LANG} == tdiary.conf-en
- @${ECHO_MSG} "===> TDIARY : English Language messages support"
- @${RUBY} -i -pe 'sub(/%Y-%m-%d/, "%Y-%m-%d [%a]")' ${TDIARYDIR}/misc/i18n/tdiary.conf.sample-en
-.else
+.if ${TDIARY_LANG} == ja
@${ECHO_MSG} "===> TDIARY : Japanese Language messages support"
@${RUBY} -i -pe 'sub(/%Y-%m-%d/, "%Y-%m-%d [%J]")' ${TDIARYDIR}/tdiary.conf.sample
+.else
+ @${RUBY} -i -pe 'sub(/%Y-%m-%d/, "%Y-%m-%d [%a]")' ${TDIARYDIR}/misc/i18n/tdiary.conf.sample-en
.endif
@${CHOWN} -R ${SHAREOWN}:${SHAREGRP} ${TDIARYDIR}
@@ -63,4 +74,4 @@
@${SED} -e 's|%%EXAMPLESDIR%%|${EXAMPLESDIR}|' < ${FILESDIR}/pkg-message.in > ${PKGMESSAGE}
@${CAT} ${PKGMESSAGE}
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>
diff -urN tdiary.orig/distinfo tdiary/distinfo
--- tdiary.orig/distinfo Wed Apr 13 23:34:48 2005
+++ tdiary/distinfo Thu Jul 21 16:24:05 2005
@@ -1,2 +1,2 @@
-MD5 (tdiary-full-2.0.1.tar.gz) = 05e75ef43bf89aa46c926acc825a5039
-SIZE (tdiary-full-2.0.1.tar.gz) = 1704264
+MD5 (tdiary-full-2.0.2.tar.gz) = 1c4d1dd765d10b4d074b3bc50d2e65ff
+SIZE (tdiary-full-2.0.2.tar.gz) = 2121313
diff -urN tdiary.orig/files/tdiaryinst.rb.in tdiary/files/tdiaryinst.rb.in
--- tdiary.orig/files/tdiaryinst.rb.in Wed Apr 13 23:34:48 2005
+++ tdiary/files/tdiaryinst.rb.in Thu Jul 21 17:11:31 2005
@@ -85,7 +85,7 @@
STDERR.print " --name=<author_name> Specify author name\n"
STDERR.print " --mail=<author_mail> Specify author mail address\n"
STDERR.print " --tdiarymaster=<dir> Specify tDiary master directory default: @@@@PREFIX@@@@/share/examples/tdiary\n"
- STDERR.print " --lang=<language> Specify your language ('en' or 'ja') default: @@@@LANG@@@@\n"
+ STDERR.print " --lang=<language> Specify your language ('en' or 'ja' or 'zh') default: @@@@LANG@@@@\n"
STDERR.print " --suexec Use suExec for CGI execution\n"
STDERR.print " --symlink Use symbolic link for tDiary master files\n"
STDERR.print " --quiet Do not display any information\n"
@@ -158,6 +158,9 @@
when 'tdiary.conf-ja' , 'ja'
@lang = 'ja'
@tdconfig = 'tdiary.conf-ja'
+ when 'zh'
+ @lang = 'zh'
+ @tdconfig = 'tdiary.conf-en'
else
raise "Unknown Language : #{value}"
end
@@ -281,6 +284,7 @@
line = "@author_mail = '#{@author_mail}'\n" if line =~ /^\@author_mail\s/
line = "@html_title = '#{@author_name} diary'\n" if line =~ /^\@html_title\s/
line = "@index_page = 'http://#{@author_host}/~#{@username}\/'" if line =~ /^\@index_page\s/
+ line = "@lang = '#{@lang}'\n" if line =~ /^\@lang\s/
s += line
}
}
diff -urN tdiary.orig/pkg-descr tdiary/pkg-descr
--- tdiary.orig/pkg-descr Sun Jun 1 22:59:06 2003
+++ tdiary/pkg-descr Thu Jul 21 16:32:10 2005
@@ -2,7 +2,7 @@
It is possible for diary readers to add comments to your diary.
- require Ruby 1.6.3 or later
- - currently supported: Japanese, English
+ - currently supported: Japanese, English, Traditional-Chinese
tDiary is developed on http://sourceforge.net/projects/tdiary/ .
See URL for more information.
diff -urN tdiary.orig/pkg-plist tdiary/pkg-plist
--- tdiary.orig/pkg-plist Thu May 6 22:13:10 2004
+++ tdiary/pkg-plist Thu Jan 1 09:00:00 1970
@@ -1 +0,0 @@
-%%EXAMPLESDIR%%/tdiaryinst.rb
=== ended cut here ===
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list