ports/174741: www/drupal7 7.16 -> 7.18
Rick van der Zwet
info at rickvanderzwet.nl
Thu Dec 27 14:10:01 UTC 2012
>Number: 174741
>Category: ports
>Synopsis: www/drupal7 7.16 -> 7.18
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Thu Dec 27 14:10:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Rick van der Zwet
>Release: FreeBSD 8.3-RELEASE-p3 amd64
>Organization:
Stichting Wireless Leiden
>Environment:
System: FreeBSD tyan.wirelessleiden.nl 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #0: Tue Jun 12 00:39:29 UTC 2012 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
New release of Drupal7 fixing security vulnerabilities:
Access bypass (User module search - Drupal 6 and 7): CVE-2012-5651
Access bypass (Upload module - Drupal 6): CVE-2012-5652
Arbitrary PHP code execution (File upload modules - Drupal 6 and 7): CVE-2012-5653
https://drupal.org/SA-CORE-2012-004
>How-To-Repeat:
>Fix:
Apply the attached patch to bump the version
--- www-drupal7.patch begins here ---
diff -u www/drupal7.orig/Makefile www/drupal7/Makefile
--- www/drupal7.orig/Makefile 2012-12-27 13:55:07.000000000 +0000
+++ www/drupal7/Makefile 2012-12-27 13:55:25.000000000 +0000
@@ -2,7 +2,7 @@
# $FreeBSD: ports/www/drupal7/Makefile,v 1.74 2012/11/17 06:02:32 svnexp Exp $
PORTNAME= drupal7
-PORTVERSION= 7.16
+PORTVERSION= 7.18
CATEGORIES= www
MASTER_SITES= http://ftp.drupal.org/files/projects/
DISTNAME= drupal-${PORTVERSION}
diff -u www/drupal7.orig/distinfo www/drupal7/distinfo
--- www/drupal7.orig/distinfo 2012-12-27 13:55:07.000000000 +0000
+++ www/drupal7/distinfo 2012-12-27 13:55:40.000000000 +0000
@@ -1,2 +1,2 @@
-SHA256 (drupal/drupal-7.16.tar.gz) = 353625d8aa59a22b791fce8a00d22249900c7d3ea650662fdd6b0445e15e3c76
-SIZE (drupal/drupal-7.16.tar.gz) = 3142889
+SHA256 (drupal/drupal-7.18.tar.gz) = c0add5d9e9ae9d09f9685b599c10b0bdce2548879cfe618099d01337181dc7a8
+SIZE (drupal/drupal-7.18.tar.gz) = 3162333
--- www-drupal7.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list