cvs commit: ports/www/joomla Makefile distinfo pkg-plist
Sergey Matveychuk
sem at FreeBSD.org
Mon Nov 28 07:30:36 GMT 2005
sem 2005-11-28 07:30:34 UTC
FreeBSD ports repository
Modified files:
www/joomla Makefile distinfo pkg-plist
Log:
- Update to 1.0.4
It fixes 6 Security Vunerabilities:
Critical Level Threats
Potentional XSS injection through GET and other variables
- Affects all previous versions of Joomla! and Mambo 4.5.2.3
Hardened SEF against XSS injection
- Affects all previous versions of Joomla! and Mambo 4.5.2.3
Low Level Threats
Potential SQL injection in Polls modules through the Itemid variable
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Potential SQL injection in several methods in mosDBTable class
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Potential misuse of Media component file management functions
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Add search limit param (default of 50) to `Search` Mambots to prevent search flooding
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
PR: ports/89596
Submitted by: Francisco Alves Cabrita (maintainer)
Revision Changes Path
1.2 +3 -3 ports/www/joomla/Makefile
1.2 +3 -2 ports/www/joomla/distinfo
1.2 +10 -8 ports/www/joomla/pkg-plist
More information about the cvs-all
mailing list