ports/144012: [UPDATE] www/moinmoin to 1.8.7 [security fix]
Ruslan Mahmatkhanov
cvs-src at yandex.ru
Tue Feb 16 19:30:10 UTC 2010
>Number: 144012
>Category: ports
>Synopsis: [UPDATE] www/moinmoin to 1.8.7 [security fix]
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 16 19:30:09 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Ruslan Mahmatkhanov
>Release: 8.0-STABLE
>Organization:
>Environment:
FreeBSD 8.0-STABLE i386
>Description:
- update to 1.8.7
This release resolves some major security issues in past versions in 1.8 branch of moinmoin. All the users are encouraged to update asap (but workaround is available). This definetelly deserves vuxml record but i don't now know how to do it.
please close ports/143188 - it's nomore actual.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruNa moinmoin.orig/Makefile moinmoin/Makefile
--- moinmoin.orig/Makefile 2009-07-08 06:24:43.000000000 +0400
+++ moinmoin/Makefile 2010-02-16 20:41:26.000000000 +0300
@@ -6,7 +6,7 @@
#
PORTNAME= moinmoin
-PORTVERSION= 1.8.4
+PORTVERSION= 1.8.7
CATEGORIES= www python
MASTER_SITES= http://static.moinmo.in/files/
DISTNAME= moin-${PORTVERSION}
diff -ruNa moinmoin.orig/distinfo moinmoin/distinfo
--- moinmoin.orig/distinfo 2009-07-08 06:24:43.000000000 +0400
+++ moinmoin/distinfo 2010-02-16 20:43:18.000000000 +0300
@@ -1,3 +1,3 @@
-MD5 (moin-1.8.4.tar.gz) = 6a91a62f5c0dd5379f3c2411c6629496
-SHA256 (moin-1.8.4.tar.gz) = 7e664d96cde9eb5b8d01fddcab58b903760a55e56e7959dd97f2711a5fc3b48c
-SIZE (moin-1.8.4.tar.gz) = 5959517
+MD5 (moin-1.8.7.tar.gz) = f2355474080c475997f2f8109911d7d4
+SHA256 (moin-1.8.7.tar.gz) = ddb8af5dae934bdd7beddf1463176612eff615465a72d566433100a4de1fcf61
+SIZE (moin-1.8.7.tar.gz) = 6698609
diff -ruNa moinmoin.orig/pkg-plist moinmoin/pkg-plist
--- moinmoin.orig/pkg-plist 2009-07-08 06:24:43.000000000 +0400
+++ moinmoin/pkg-plist 2010-02-16 21:37:44.000000000 +0300
@@ -170,6 +170,9 @@
%%PYTHON_SITELIBDIR%%/MoinMoin/auth/botbouncer.py
%%PYTHON_SITELIBDIR%%/MoinMoin/auth/botbouncer.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/auth/botbouncer.pyo
+%%PYTHON_SITELIBDIR%%/MoinMoin/auth/cas.py
+%%PYTHON_SITELIBDIR%%/MoinMoin/auth/cas.pyc
+%%PYTHON_SITELIBDIR%%/MoinMoin/auth/cas.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/auth/http.py
%%PYTHON_SITELIBDIR%%/MoinMoin/auth/http.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/auth/http.pyo
@@ -257,6 +260,9 @@
%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_ms_excel.py
%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_ms_excel.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_ms_excel.pyo
+%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_ms_powerpoint.py
+%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_ms_powerpoint.pyc
+%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_ms_powerpoint.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_oasis_opendocument.py
%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_oasis_opendocument.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/filter/application_vnd_oasis_opendocument.pyo
@@ -334,8 +340,6 @@
%%PYTHON_SITELIBDIR%%/MoinMoin/formatter/text_xml.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/Makefile
%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/MoinMoin.pot
-%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/POTFILES
-%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/POTFILES.in
%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/README
%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/__init__.py
%%PYTHON_SITELIBDIR%%/MoinMoin/i18n/__init__.pyc
@@ -798,6 +802,15 @@
%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080400.py
%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080400.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080400.pyo
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080500.py
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080500.pyc
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080500.pyo
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080600.py
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080600.pyc
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080600.pyo
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080700.py
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080700.pyc
+%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/1080700.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/__init__.py
%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/__init__.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/script/migration/__init__.pyo
@@ -885,18 +898,9 @@
%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/UpdateGroupTest.py
%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/UpdateGroupTest.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/UpdateGroupTest.pyo
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/WhoAmI.py
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/WhoAmI.pyc
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/WhoAmI.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/__init__.py
%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/__init__.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/__init__.pyo
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/wikibackup.py
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/wikibackup.pyc
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/wikibackup.pyo
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/wikirestore.py
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/wikirestore.pyc
-%%PYTHON_SITELIBDIR%%/MoinMoin/script/old/xmlrpc-tools/wikirestore.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/script/server/__init__.py
%%PYTHON_SITELIBDIR%%/MoinMoin/script/server/__init__.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/script/server/__init__.pyo
@@ -1089,6 +1093,9 @@
%%PYTHON_SITELIBDIR%%/MoinMoin/userprefs/suid.py
%%PYTHON_SITELIBDIR%%/MoinMoin/userprefs/suid.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/userprefs/suid.pyo
+%%PYTHON_SITELIBDIR%%/MoinMoin/util/SubProcess.py
+%%PYTHON_SITELIBDIR%%/MoinMoin/util/SubProcess.pyc
+%%PYTHON_SITELIBDIR%%/MoinMoin/util/SubProcess.pyo
%%PYTHON_SITELIBDIR%%/MoinMoin/util/__init__.py
%%PYTHON_SITELIBDIR%%/MoinMoin/util/__init__.pyc
%%PYTHON_SITELIBDIR%%/MoinMoin/util/__init__.pyo
@@ -1251,8 +1258,6 @@
%%DATADIR%%/config/wikifarm/mywiki.py
%%DATADIR%%/data/cache/README
%%DATADIR%%/data/dict/dummy_dict
-%%DATADIR%%/data/edit-log
-%%DATADIR%%/data/event-log
%%DATADIR%%/data/intermap.txt
%%DATADIR%%/data/meta
%%DATADIR%%/data/pages/BadContent/current
@@ -1551,6 +1556,7 @@
%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/upload.lasso
%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/basexml.pl
%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/commands.pl
+%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/config.pl
%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/connector.cgi
%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/io.pl
%%DATADIR%%/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload.cgi
@@ -2185,6 +2191,15 @@
%%DATADIR%%/underlay/pages/HelpOnGraphicalEditor/revisions/00000001
%%DATADIR%%/underlay/pages/HelpOnHeadlines/current
%%DATADIR%%/underlay/pages/HelpOnHeadlines/revisions/00000001
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/Grand_Tetons.jpg
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/button.png
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/chair.jpg
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/clock.jpg
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/duckie.png
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/fish.jpg
+%%DATADIR%%/underlay/pages/HelpOnImages/attachments/pineapple.jpg
+%%DATADIR%%/underlay/pages/HelpOnImages/current
+%%DATADIR%%/underlay/pages/HelpOnImages/revisions/00000001
%%DATADIR%%/underlay/pages/HelpOnInstalling(2f)AolServer/current
%%DATADIR%%/underlay/pages/HelpOnInstalling(2f)AolServer/revisions/00000001
%%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheOnLinux/current
@@ -2398,12 +2413,12 @@
%%DATADIR%%/underlay/pages/SystemPagesGroup/revisions/00000001
%%DATADIR%%/underlay/pages/SystemPagesInEnglishGroup/current
%%DATADIR%%/underlay/pages/SystemPagesInEnglishGroup/revisions/00000001
+%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/BrazilianPortuguese.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/Bulgarian.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/Croatian.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/Czech.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/Danish.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/Dutch.zip
-%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/BrazilianPortuguese.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/Finnish.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/French.zip
%%DATADIR%%/underlay/pages/SystemPagesSetup/attachments/German.zip
@@ -2771,8 +2786,8 @@
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)WikiInstanceCreation
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)WebLogic/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)WebLogic
- at dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)TwistedWeb/attachments
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)TwistedWeb/revisions
+ at dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)TwistedWeb/attachments
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)TwistedWeb
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)TroubleShooting/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)TroubleShooting/attachments
@@ -2788,12 +2803,12 @@
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)BasicInstallation/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)BasicInstallation/attachments
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)BasicInstallation
- at dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithCherryPy/revisions
- at dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithCherryPy
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithModWSGI/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithModWSGI
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithModPython/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithModPython
+ at dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithCherryPy/revisions
+ at dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheWithCherryPy
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheOnWin32withFastCgi/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheOnWin32withFastCgi
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)ApacheOnWin32withDomainAuthentication/revisions
@@ -2810,6 +2825,9 @@
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)AolServer/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling(2f)AolServer
@dirrm %%DATADIR%%/underlay/pages/HelpOnInstalling
+ at dirrm %%DATADIR%%/underlay/pages/HelpOnImages/revisions
+ at dirrm %%DATADIR%%/underlay/pages/HelpOnImages/attachments
+ at dirrm %%DATADIR%%/underlay/pages/HelpOnImages
@dirrm %%DATADIR%%/underlay/pages/HelpOnHeadlines/revisions
@dirrm %%DATADIR%%/underlay/pages/HelpOnHeadlines
@dirrm %%DATADIR%%/underlay/pages/HelpOnGraphicalEditor/revisions
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list