ports/174741: www/drupal7 7.16 -> 7.18

Rick van der Zwet info at rickvanderzwet.nl
Thu Dec 27 14:10:01 UTC 2012 

>Number:         174741
>Category:       ports
>Synopsis:       www/drupal7 7.16 -> 7.18
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 27 14:10:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Rick van der Zwet
>Release:        FreeBSD 8.3-RELEASE-p3 amd64
>Organization:
Stichting Wireless Leiden
>Environment:
System: FreeBSD tyan.wirelessleiden.nl 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #0: Tue Jun 12 00:39:29 UTC 2012 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64


	
>Description:
New release of Drupal7 fixing security vulnerabilities:
    	Access bypass (User module search - Drupal 6 and 7): CVE-2012-5651
    	Access bypass (Upload module - Drupal 6): CVE-2012-5652
 	Arbitrary PHP code execution (File upload modules - Drupal 6 and 7): CVE-2012-5653

	https://drupal.org/SA-CORE-2012-004
	
>How-To-Repeat:
	
>Fix:
Apply the attached patch to bump the version
	

--- www-drupal7.patch begins here ---
diff -u www/drupal7.orig/Makefile www/drupal7/Makefile
--- www/drupal7.orig/Makefile	2012-12-27 13:55:07.000000000 +0000
+++ www/drupal7/Makefile	2012-12-27 13:55:25.000000000 +0000
@@ -2,7 +2,7 @@
 # $FreeBSD: ports/www/drupal7/Makefile,v 1.74 2012/11/17 06:02:32 svnexp Exp $
 
 PORTNAME=	drupal7
-PORTVERSION=	7.16
+PORTVERSION=	7.18
 CATEGORIES=	www
 MASTER_SITES=	http://ftp.drupal.org/files/projects/
 DISTNAME=	drupal-${PORTVERSION}
diff -u www/drupal7.orig/distinfo www/drupal7/distinfo
--- www/drupal7.orig/distinfo	2012-12-27 13:55:07.000000000 +0000
+++ www/drupal7/distinfo	2012-12-27 13:55:40.000000000 +0000
@@ -1,2 +1,2 @@
-SHA256 (drupal/drupal-7.16.tar.gz) = 353625d8aa59a22b791fce8a00d22249900c7d3ea650662fdd6b0445e15e3c76
-SIZE (drupal/drupal-7.16.tar.gz) = 3142889
+SHA256 (drupal/drupal-7.18.tar.gz) = c0add5d9e9ae9d09f9685b599c10b0bdce2548879cfe618099d01337181dc7a8
+SIZE (drupal/drupal-7.18.tar.gz) = 3162333
--- www-drupal7.patch ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list