ports/59741: [maintainer update]Fix Potential security issue with search in phpbb
Kang Liu
liukang at bjpu.edu.cn
Fri Nov 28 00:20:16 UTC 2003
>Number: 59741
>Category: ports
>Synopsis: [maintainer update]Fix Potential security issue with search in phpbb
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu Nov 27 16:20:13 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Kang Liu
>Release: FreeBSD 4.9-RELEASE i386
>Organization:
Beijing University of Technology
>Environment:
System: FreeBSD 4.9-RELEASE
>Description:
The phpbb developers just released a announcement about potential security issue with search:
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=153818
They updated the src-pack but didn't change the version number.
I know the port freeze has begun, but this problem seems serious,
and all src-packs have been updated, phpbb is borken(checksum) now.
As Joe Marcus Clarke said in PR:56706, All build fixes do not need portmgr approval.
Can anyone commit it?
>How-To-Repeat:
run make at ports/www/phpbb
>Fix:
--- distinfo.orig Thu Sep 18 02:14:52 2003
+++ distinfo Fri Nov 28 07:54:56 2003
@@ -1 +1 @@
-MD5 (phpBB-2.0.6.tar.bz2) = ee73baaac8f2f72c2a1d879ea811bd07
+MD5 (phpBB-2.0.6.tar.bz2) = 6574f13e2c7b66fda4faf1b2ddacae48
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list