ports/100081: upgrade for port www/trac
Adrian Penisoara
ady at freebsd.ady.ro
Tue Jul 11 11:10:24 UTC 2006
>Number: 100081
>Category: ports
>Synopsis: upgrade for port www/trac
>Confidential: no
>Severity: non-critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Jul 11 11:10:14 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Adrian Penisoara
>Release: FreeBSD 6.1-STABLE i386
>Organization:
ROFUG
>Environment:
FreeBSD motoko.cdo-partners.ro 6.1-STABLE FreeBSD 6.1-STABLE #2: Mon May 15 11:29:21 EEST 2006 root-motoko.cdo-partners.ro:/usr/obj/usr/src/sys/MOTOKO-SMP i386
>Description:
Port www/trac, at version 0.9.5, is affected by a security vulnerability
registered in VuXML:
http://www.freebsd.org/ports/portaudit/b0d61f73-0e11-11db-a47b-000c2957fdf1.html
The Trac project already made available version 0.9.6 which fixes the above
problem -- quoting from http://trac.edgewall.org/wiki/ChangeLog :
0.9.6
* Fixed reStructuredText breach of privacy and denial of service vulnerability
found by Felix Wiemann.
>How-To-Repeat:
>Fix:
No extensive testing, but I already use it in production at a customer site.
diff -ruN trac.orig/Makefile trac/Makefile
--- trac.orig/Makefile Wed Apr 26 21:10:39 2006
+++ trac/Makefile Tue Jul 11 10:48:54 2006
@@ -6,7 +6,7 @@
#
PORTNAME= trac
-PORTVERSION= 0.9.5
+PORTVERSION= 0.9.6
CATEGORIES= www devel python
MASTER_SITES= http://ftp.edgewall.com/pub/trac/ \
ftp://ftp.edgewall.com/pub/trac/
diff -ruN trac.orig/distinfo trac/distinfo
--- trac.orig/distinfo Wed Apr 26 21:10:39 2006
+++ trac/distinfo Tue Jul 11 10:49:00 2006
@@ -1,3 +1,3 @@
-MD5 (trac-0.9.5.tar.gz) = 3b7d708eaf905cc6ba2b6b10a09a8cf4
-SHA256 (trac-0.9.5.tar.gz) = b4a6ef89e74932d78ac1e2ea5f15099bff1fbe8b46c8be63d43e8163c88e70a5
-SIZE (trac-0.9.5.tar.gz) = 339170
+MD5 (trac-0.9.6.tar.gz) = 1f6bb25107612b7d0566e21ea133f266
+SHA256 (trac-0.9.6.tar.gz) = 67862c30c2dd0852ba4778a23bba79ab2387e9b40a85b40865cb76c4fa878dfc
+SIZE (trac-0.9.6.tar.gz) = 339647
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list