ports/93406: security/pear-Auth: upgrade to Auth-1.2.4 and fixes a security issue.
Thierry Thomas
thierry at FreeBSD.org
Wed Feb 15 20:40:05 UTC 2006
>Number: 93406
>Category: ports
>Synopsis: security/pear-Auth: upgrade to Auth-1.2.4 and fixes a security issue.
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Feb 15 20:40:03 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Thierry Thomas
>Release: FreeBSD 6.0-STABLE i386
>Organization:
Kabbale Eros
>Environment:
System: FreeBSD freefall.freebsd.org 6.0-STABLE FreeBSD 6.0-STABLE #0: Sat Dec 10 03:18:20 UTC 2005 kensmith at freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL i386
>Description:
According to the official announcement:
This release fixes a security issue that allows an attacker to perform
injection attacks against the underlying storage containers. Upgrading
is strongly recommended!
See changelog at <http://pear.php.net/package/Auth/download/1.2.4>.
>How-To-Repeat:
N/A.
>Fix:
Apply the following patch:
--- pear-Auth.diff begins here ---
diff -urN security/pear-Auth.orig/Makefile security/pear-Auth/Makefile
--- security/pear-Auth.orig/Makefile Sat Dec 10 15:22:52 2005
+++ security/pear-Auth/Makefile Wed Feb 15 21:18:35 2006
@@ -6,8 +6,7 @@
#
PORTNAME= Auth
-PORTVERSION= 1.2.3
-PORTREVISION= 1
+PORTVERSION= 1.2.4
CATEGORIES= security pear
MAINTAINER= antonio at php.net
@@ -23,8 +22,6 @@
PEAR_MDB "PEAR::MDB support" off \
PEAR_AUTH_RADIUS "PEAR::Auth_RADIUS support" off \
PEAR_FILE_SMBPASSWD "PEAR::File_SMBPasswd support" off
-
-USE_REINPLACE= yes
CATEGORY= Auth
FILES= Auth.php Auth/Auth.php Container.php Container/DB.php \
diff -urN security/pear-Auth.orig/distinfo security/pear-Auth/distinfo
--- security/pear-Auth.orig/distinfo Wed Jan 25 14:05:04 2006
+++ security/pear-Auth/distinfo Wed Feb 15 21:19:08 2006
@@ -1,3 +1,3 @@
-MD5 (PEAR/Auth-1.2.3.tgz) = 1506c2a27afe85e8d56eaa8466b6f13a
-SHA256 (PEAR/Auth-1.2.3.tgz) = 6ff08d0eacba3de45e791f12761c2bf6be0490b14a7a563239f3d97c885119bd
-SIZE (PEAR/Auth-1.2.3.tgz) = 24040
+MD5 (PEAR/Auth-1.2.4.tgz) = c1860f21a842aae14d3118bc97fc6417
+SHA256 (PEAR/Auth-1.2.4.tgz) = 016562c68cf88a534fade2d133ce89b3dfc510f2841afbe7c354324580aea440
+SIZE (PEAR/Auth-1.2.4.tgz) = 23387
--- pear-Auth.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list