ports/147195: [maintainer update][patch]Update port: www/ziproxy to 3.0.1

Pavel Pankov pankov_p at mail.ru
Sat May 29 19:50:02 UTC 2010 

>Number:         147195
>Category:       ports
>Synopsis:       [maintainer update][patch]Update port: www/ziproxy to 3.0.1
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sat May 29 19:50:01 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Pavel Pankov
>Release:        8.0-STABLE
>Organization:
PKD
>Environment:
FreeBSD vds4.pankov.pp.ru 8.0-STABLE FreeBSD 8.0-STABLE #0 r8M: Tue May 18 10:39:52 IRKST 2010     root at freebsd8-amd64.ispsystem.net:/root/src/sys/amd64/compile/ISPSYSTEM  amd64
>Description:
- Update to 3.0.1
- VuXML entry for ziproxy security flaw
- Restore installing of error files (lost due to misprint)
>How-To-Repeat:

>Fix:
Apply the attached patch.

Patch attached with submission follows:

Index: ports/security/vuxml/vuln.xml
===================================================================
RCS file: /home/ncvs/ports/security/vuxml/vuln.xml,v
retrieving revision 1.2159
diff -u -r1.2159 vuln.xml
--- ports/security/vuxml/vuln.xml	14 May 2010 18:28:43 -0000	1.2159
+++ ports/security/vuxml/vuln.xml	29 May 2010 19:46:52 -0000
@@ -34,6 +34,33 @@
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="b43004b8-6a53-11df-bc7b-0245fb008c0b">
+    <topic>ziproxy -- atypical huge picture files vulnerability</topic>
+    <affects>
+      <package>
+        <name>ziproxy</name>
+        <range><lt>3.0.1</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+         <p>Ziproxy 3.0.1 release fixes a security vulnerability related
+            to atypical huge picture files (>4GB of size once expanded).</p>
+      </body>
+    </description>
+    <references>
+      <url>http://ziproxy.sourceforge.net/#news</url>
+      <url>http://secunia.com/advisories/39941</url>
+      <cvename>CVE-2010-1513</cvename>
+      <bid>40344</bid>
+      <mlist msgid="201005210019.37119.dancab at gmx.net">http://sourceforge.net/mailarchive/message.php?msg_name=201005210019.37119.dancab%40gmx.net</mlist>
+    </references>
+    <dates>
+      <discovery>2010-05-20</discovery>
+      <entry>2010-05-28</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="fcc39d22-5777-11df-bf33-001a92771ec2">
     <topic>redmine -- multiple vulnerabilities</topic>
     <affects>
Index: ports/www/ziproxy/Makefile
===================================================================
RCS file: /home/ncvs/ports/www/ziproxy/Makefile,v
retrieving revision 1.22
diff -u -r1.22 Makefile
--- ports/www/ziproxy/Makefile	2 May 2010 16:52:10 -0000	1.22
+++ ports/www/ziproxy/Makefile	29 May 2010 19:46:52 -0000
@@ -5,7 +5,7 @@
 # $FreeBSD: ports/www/ziproxy/Makefile,v 1.22 2010/05/02 16:52:10 sylvio Exp $
 
 PORTNAME=		ziproxy
-PORTVERSION=		3.0.0
+PORTVERSION=		3.0.1
 CATEGORIES=		www
 MASTER_SITES=		SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION}
 
@@ -65,7 +65,7 @@
 .endif
 
 	@${MKDIR} ${DATADIR}/error
-.for FILE in ${ERRORFILES}
+.for FILE in ${ERROR_FILES}
 	@${INSTALL_DATA} ${WRKSRC}/var/ziproxy/error/${FILE} ${DATADIR}/error/${FILE}
 .endfor
 
Index: ports/www/ziproxy/distinfo
===================================================================
RCS file: /home/ncvs/ports/www/ziproxy/distinfo,v
retrieving revision 1.15
diff -u -r1.15 distinfo
--- ports/www/ziproxy/distinfo	2 May 2010 16:52:11 -0000	1.15
+++ ports/www/ziproxy/distinfo	29 May 2010 19:46:52 -0000
@@ -1,3 +1,3 @@
-MD5 (ziproxy-3.0.0.tar.bz2) = f72c3859475fe8b119040f5f5f659ca0
-SHA256 (ziproxy-3.0.0.tar.bz2) = 05e74181d265e764a565a9f3567f53c254d364bb176bac0f5fa1bfe3facd7cb8
-SIZE (ziproxy-3.0.0.tar.bz2) = 257263
+MD5 (ziproxy-3.0.1.tar.bz2) = 7af0f00a5b58d17f8d9a4f768e740ef7
+SHA256 (ziproxy-3.0.1.tar.bz2) = c46032e2c1e0239bf869d91ff28226faf88130d822cf327f8c363ed2e1ed3e11
+SIZE (ziproxy-3.0.1.tar.bz2) = 257664
Index: ports/www/ziproxy/pkg-plist
===================================================================
RCS file: /home/ncvs/ports/www/ziproxy/pkg-plist,v
retrieving revision 1.7
diff -u -r1.7 pkg-plist
--- ports/www/ziproxy/pkg-plist	2 May 2010 16:52:11 -0000	1.7
+++ ports/www/ziproxy/pkg-plist	29 May 2010 19:46:52 -0000
@@ -13,5 +13,13 @@
 @exec if [ ! -f %D/etc/ziproxy/ziproxy.conf ] ; then cp -p %D/%F %B/ziproxy.conf; fi
 etc/ziproxy/ziproxy.conf.sample
 @dirrmtry etc/ziproxy
+%%DATADIR%%/error/400.html
+%%DATADIR%%/error/403.html
+%%DATADIR%%/error/404.html
+%%DATADIR%%/error/407.html
+%%DATADIR%%/error/408.html
+%%DATADIR%%/error/409.html
+%%DATADIR%%/error/500.html
+%%DATADIR%%/error/503.html
 @dirrm %%DATADIR%%/error
 @dirrm %%DATADIR%%


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list