[Bug 257845] mail/postfixadmin: Security update to 3.3.10

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 23 Aug 2021 00:37:56 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257845

Rin Morningstar <ports.maintainer_at_evilphi.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #227195|0                           |1
        is obsolete|                            |
 Attachment #227196|0                           |1
        is obsolete|                            |
 Attachment #227370|                            |maintainer-approval+
              Flags|                            |

--- Comment #3 from Rin Morningstar <ports.maintainer_at_evilphi.com> ---
Created attachment 227370
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=227370&action=edit
Revised patch updating 3.2.4 -> 3.3.10

Update to 3.3.10

Security fix for a clickjacking vulnerability. See:
https://huntr.dev/bounties/872e57e6-f7ab-4f9b-aa0c-209c8a3f499e/

3.2->3.3 requires generating a new setup hash.  The post-ugprade visit
to setup.php will walk you through this.

Other changes:
-XMLRPC support is moribund, so drop it from USE_PHP
-Virtual vacation scripts are now optional, making building without
 perl5 possible
-Optionally add imap to USE_PHP module for completeness
-Default options changed for maximal out-of-the-box support

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Mon Aug 23 2021 - 00:37:56 UTC

Original text of this message