ports/122734: Joomla prior to 1.0.15 security issues

Steve Wills steve at mouf.net
Sun Apr 13 18:50:01 UTC 2008 

>Number:         122734
>Category:       ports
>Synopsis:       Joomla prior to 1.0.15 security issues
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 13 18:50:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Steve Wills
>Release:        FreeBSD 6.2
>Organization:
>Environment:
>Description:
Joomla prior to 1.0.15 has security issues. Please see:

http://www.joomla.org/content/blogcategory/32/66/

Especially:

http://www.joomla.org/content/view/4563/1/

and

http://www.joomla.org/content/view/4609/1/

The included/attached patch updates the port from the 1.0.13 release to 10.0.15.
>How-To-Repeat:

>Fix:
diff -ruN joomla.orig/Makefile joomla/Makefile
--- joomla.orig/Makefile	Sun Apr 13 14:30:56 2008
+++ joomla/Makefile	Sun Apr 13 14:36:30 2008
@@ -5,9 +5,9 @@
 # $FreeBSD: ports/www/joomla/Makefile,v 1.14 2007/08/05 07:33:23 miwi Exp $
 
 PORTNAME=	joomla
-PORTVERSION=	1.0.13
+PORTVERSION=	1.0.15
 CATEGORIES=	www
-MASTER_SITES=	http://downloads.joomlacode.org/frsrelease/1/3/2/13215/
+MASTER_SITES=	http://downloads.joomlacode.org/frsrelease/2/2/5/22536/
 DISTNAME=	Joomla_${PORTVERSION}-Stable-Full_Package
 DIST_SUBDIR=	${PORTNAME}
 
diff -ruN joomla.orig/distinfo joomla/distinfo
--- joomla.orig/distinfo	Sun Aug  5 03:33:23 2007
+++ joomla/distinfo	Sun Apr 13 14:36:43 2008
@@ -1,3 +1,3 @@
-MD5 (joomla/Joomla_1.0.13-Stable-Full_Package.tar.bz2) = ed01a4269faf3851a9f8320ac4de12fc
-SHA256 (joomla/Joomla_1.0.13-Stable-Full_Package.tar.bz2) = be91e0d85089d7197a687377076828eaa62253408b544baef528fee0c17e0cfa
-SIZE (joomla/Joomla_1.0.13-Stable-Full_Package.tar.bz2) = 1698797
+MD5 (joomla/Joomla_1.0.15-Stable-Full_Package.tar.bz2) = 278d6cfc19a2de07a298820304ccaa34
+SHA256 (joomla/Joomla_1.0.15-Stable-Full_Package.tar.bz2) = 9e9068d5b7b08f8fbfb24a69067b5a7752931a631dfdc6eb1c944a862b22d4d1
+SIZE (joomla/Joomla_1.0.15-Stable-Full_Package.tar.bz2) = 1698033


Patch attached with submission follows:

diff -ruN joomla.orig/Makefile joomla/Makefile
--- joomla.orig/Makefile	Sun Apr 13 14:30:56 2008
+++ joomla/Makefile	Sun Apr 13 14:36:30 2008
@@ -5,9 +5,9 @@
 # $FreeBSD: ports/www/joomla/Makefile,v 1.14 2007/08/05 07:33:23 miwi Exp $
 
 PORTNAME=	joomla
-PORTVERSION=	1.0.13
+PORTVERSION=	1.0.15
 CATEGORIES=	www
-MASTER_SITES=	http://downloads.joomlacode.org/frsrelease/1/3/2/13215/
+MASTER_SITES=	http://downloads.joomlacode.org/frsrelease/2/2/5/22536/
 DISTNAME=	Joomla_${PORTVERSION}-Stable-Full_Package
 DIST_SUBDIR=	${PORTNAME}
 
diff -ruN joomla.orig/distinfo joomla/distinfo
--- joomla.orig/distinfo	Sun Aug  5 03:33:23 2007
+++ joomla/distinfo	Sun Apr 13 14:36:43 2008
@@ -1,3 +1,3 @@
-MD5 (joomla/Joomla_1.0.13-Stable-Full_Package.tar.bz2) = ed01a4269faf3851a9f8320ac4de12fc
-SHA256 (joomla/Joomla_1.0.13-Stable-Full_Package.tar.bz2) = be91e0d85089d7197a687377076828eaa62253408b544baef528fee0c17e0cfa
-SIZE (joomla/Joomla_1.0.13-Stable-Full_Package.tar.bz2) = 1698797
+MD5 (joomla/Joomla_1.0.15-Stable-Full_Package.tar.bz2) = 278d6cfc19a2de07a298820304ccaa34
+SHA256 (joomla/Joomla_1.0.15-Stable-Full_Package.tar.bz2) = 9e9068d5b7b08f8fbfb24a69067b5a7752931a631dfdc6eb1c944a862b22d4d1
+SIZE (joomla/Joomla_1.0.15-Stable-Full_Package.tar.bz2) = 1698033


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list