ports/110709: [maintainer update] www/zope29 update to fix vulnerability
Yasushi Hayashi
yasi at yasi.to
Fri Mar 23 12:30:06 UTC 2007
>Number: 110709
>Category: ports
>Synopsis: [maintainer update] www/zope29 update to fix vulnerability
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 23 12:30:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Yasushi Hayashi
>Release: FreeBSD 6.2-STABLE i386
>Organization:
>Environment:
System: FreeBSD www.yasi.to 6.2-STABLE FreeBSD 6.2-STABLE #1: Sat Feb 10 09:05:27 JST 2007 root@
www.yasi.to:/usr/obj/usr/src/sys/GENERIC i386
>Description:
In March 20,2007, Zope.org released hotfix for cross-site scripting vulnerability.
See: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
This PR upgrade www/zope29.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -urN /usr/ports/www/zope29.old/Makefile /usr/ports/www/zope29/Makefile
--- /usr/ports/www/zope29.old/Makefile Thu Jan 4 22:16:03 2007
+++ /usr/ports/www/zope29/Makefile Thu Mar 22 20:47:01 2007
@@ -7,10 +7,14 @@
PORTNAME= zope29
PORTVERSION= 2.9.6
+PORTREVISION= 1
CATEGORIES= www python zope
-MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/
+MASTER_SITES= http://www.zope.org/Products/Zope/${PORTVERSION}/ \
+ http://www.zope.org/Products/Zope/Hotfix-2007-03-20/Hotfix-20070320/:hotfix
DISTNAME= Zope-${PORTVERSION}-final
EXTRACT_SUFX= .tgz
+DISTFILES= ${DISTNAME}${EXTRACT_SUFX} \
+ Hotfix_20070320.tgz:hotfix
DIST_SUBDIR= zope
MAINTAINER= yasi at yasi.to
@@ -72,6 +76,9 @@
-e 's,^.*LN.*PYTHON.*$$,,g' \
${WRKSRC}/${MAKEFILE}
+post-build:
+ -@${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py ${WRKDIR}/Hotfix_20070320/
+
post-install:
${MV} ${ZOPEBASEDIR}/skel/etc/zope.conf.in \
${ZOPEBASEDIR}/skel/etc/zope.conf.sample.in
@@ -79,6 +86,7 @@
${MKDIR} ${ZOPEBASEDIR}/Products
${CP} ${FILESDIR}/Products_00readme-freebsd.txt \
${ZOPEBASEDIR}/Products/00readme-freebsd.txt
+ ${CP} -R ${WRKDIR}/Hotfix_20070320 ${ZOPEBASEDIR}/Products/
${FIND} ${ZOPEBASEDIR} -type f -print0 | ${XARGS} -0 -- ${CHMOD} a-w+r
diff -urN /usr/ports/www/zope29.old/distinfo /usr/ports/www/zope29/distinfo
--- /usr/ports/www/zope29.old/distinfo Thu Jan 4 22:16:03 2007
+++ /usr/ports/www/zope29/distinfo Thu Mar 22 20:19:35 2007
@@ -1,3 +1,6 @@
MD5 (zope/Zope-2.9.6-final.tgz) = a87008a9e78248072ea5908e1006b269
SHA256 (zope/Zope-2.9.6-final.tgz) = 00ffe561df9ede6543bf5dceeea964048ee005705ba98dd8f8dbfcd8dd64fcc4
SIZE (zope/Zope-2.9.6-final.tgz) = 6989768
+MD5 (zope/Hotfix_20070320.tgz) = 0b4cd365d99731e18827ead11400087d
+SHA256 (zope/Hotfix_20070320.tgz) = 3b8760301826aba22386a561de48523663fc7840fc11280e2c34163ba4be383a
+SIZE (zope/Hotfix_20070320.tgz) = 3805
diff -urN /usr/ports/www/zope29.old/pkg-plist /usr/ports/www/zope29/pkg-plist
--- /usr/ports/www/zope29.old/pkg-plist Thu Jan 4 22:16:09 2007
+++ /usr/ports/www/zope29/pkg-plist Thu Mar 22 20:56:37 2007
@@ -1,4 +1,12 @@
%%ZOPEBASEDIR%%/Products/00readme-freebsd.txt
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/README.txt
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/__init__.py
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/__init__.pyc
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/__init__.py
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/test_hotfix.py
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/__init__.pyc
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests/test_hotfix.pyc
+%%ZOPEBASEDIR%%/Products/Hotfix_20070320/version.txt
%%ZOPEBASEDIR%%/bin/README.txt
%%ZOPEBASEDIR%%/bin/analyze.py
%%ZOPEBASEDIR%%/bin/check_catalog.py
@@ -9540,5 +9548,7 @@
@dirrm %%ZOPEBASEDIR%%/lib
@dirrm %%ZOPEBASEDIR%%/doc
@dirrm %%ZOPEBASEDIR%%/bin
+ at dirrm %%ZOPEBASEDIR%%/Products/Hotfix_20070320/tests
+ at dirrm %%ZOPEBASEDIR%%/Products/Hotfix_20070320/
@dirrmtry %%ZOPEBASEDIR%%/Products
@dirrmtry %%ZOPEBASEDIR%%
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list