ports/87198: update port: www/zope28 (Hotfix 2005-10-09 Alert)
Denis Shaposhnikov
dsh at vlink.ru
Mon Oct 10 09:30:18 UTC 2005
>Number: 87198
>Category: ports
>Synopsis: update port: www/zope28 (Hotfix 2005-10-09 Alert)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Mon Oct 10 09:30:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Denis Shaposhnikov
>Release: FreeBSD 7.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #21: Sun Aug 14 15:59:53 MSD 2005 dsh at neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/NEVA i386
>Description:
Hotfix 2005-10-09 Alert
This hotfix addresses an important security issue that affects users of Zope
versions 2.6 or higher.
This hotfix resolves a security issue with docutils.
Affected are possibly all Zope instances that expose RestructuredText
functionalies to untrusted users through the web.
>How-To-Repeat:
>Fix:
diff -Nru zope28.orig/Makefile zope28/Makefile
--- zope28.orig/Makefile Mon Oct 10 13:17:18 2005
+++ zope28/Makefile Mon Oct 10 13:15:26 2005
@@ -7,12 +7,16 @@
PORTNAME= zope
PORTVERSION= 2.8.1
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= www python zope
-MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/
+MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ \
+ http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert/:hotfix_20051009
DISTNAME= Zope-${PORTVERSION}-final
EXTRACT_SUFX= .tgz
+DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \
+ Hotfix_2005-10-09.tar.gz:hotfix_20051009
DIST_SUBDIR= zope
+EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX}
MAINTAINER= dsh at vlink.ru
COMMENT= An object-based web application platform
@@ -60,6 +64,9 @@
.else
ISBATCH= ""
.endif
+
+pre-patch:
+ ${TAR} xzf ${DISTDIR}/${DIST_SUBDIR}/Hotfix_2005-10-09.tar.gz -C ${WRKSRC}/lib/python
post-patch:
${REINPLACE_CMD} \
diff -Nru zope28.orig/distinfo zope28/distinfo
--- zope28.orig/distinfo Mon Oct 10 13:17:18 2005
+++ zope28/distinfo Mon Oct 10 11:20:57 2005
@@ -1,2 +1,4 @@
MD5 (zope/Zope-2.8.1-final.tgz) = 0ec441a35175bb8d8c557b7d3c63f6f6
SIZE (zope/Zope-2.8.1-final.tgz) = 5343921
+MD5 (zope/Hotfix_2005-10-09.tar.gz) = 607b2f4fa702d6e41f0bf960ec41979e
+SIZE (zope/Hotfix_2005-10-09.tar.gz) = 265673
diff -Nru zope28.orig/pkg-plist zope28/pkg-plist
--- zope28.orig/pkg-plist Mon Oct 10 13:17:18 2005
+++ zope28/pkg-plist Mon Oct 10 13:02:45 2005
@@ -3100,6 +3100,8 @@
%%ZOPEBASEDIR%%/lib/python/docutils/languages/__init__.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/languages/af.py
%%ZOPEBASEDIR%%/lib/python/docutils/languages/af.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/ca.py
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/ca.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/languages/cs.py
%%ZOPEBASEDIR%%/lib/python/docutils/languages/cs.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/languages/de.py
@@ -3116,6 +3118,8 @@
%%ZOPEBASEDIR%%/lib/python/docutils/languages/fr.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/languages/it.py
%%ZOPEBASEDIR%%/lib/python/docutils/languages/it.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/nl.py
+%%ZOPEBASEDIR%%/lib/python/docutils/languages/nl.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/languages/pt_br.py
%%ZOPEBASEDIR%%/lib/python/docutils/languages/pt_br.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/languages/ru.py
@@ -3132,6 +3136,7 @@
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/__init__.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/__init__.py
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/__init__.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/.misc.py.swo
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/__init__.py
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/__init__.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/directives/admonitions.py
@@ -3154,6 +3159,8 @@
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/__init__.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/af.py
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/af.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/ca.py
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/ca.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/cs.py
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/cs.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/de.py
@@ -3170,6 +3177,8 @@
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/fr.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/it.py
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/it.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/nl.py
+%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/nl.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/pt_br.py
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/pt_br.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/parsers/rst/languages/ru.py
@@ -3230,6 +3239,10 @@
%%ZOPEBASEDIR%%/lib/python/docutils/writers/html4css1.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/writers/latex2e.py
%%ZOPEBASEDIR%%/lib/python/docutils/writers/latex2e.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/newlatex2e.py
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/newlatex2e.pyc
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/null.py
+%%ZOPEBASEDIR%%/lib/python/docutils/writers/null.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/writers/pep_html.py
%%ZOPEBASEDIR%%/lib/python/docutils/writers/pep_html.pyc
%%ZOPEBASEDIR%%/lib/python/docutils/writers/pseudoxml.py
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list