svn commit: r352014 - in branches/2014Q2: security/vuxml www/py-django www/py-django-devel www/py-django14 www/py-django15
Li-Wen Hsu
lwhsu at FreeBSD.org
Thu Apr 24 16:20:33 UTC 2014
Author: lwhsu
Date: Thu Apr 24 16:20:30 2014
New Revision: 352014
URL: http://svnweb.freebsd.org/changeset/ports/352014
QAT: https://qat.redports.org/buildarchive/r352014/
Log:
MFH: r351931
Document Django 2014-04-21 vulnerabilty
MFH: r351932
- Update to 1.6.3
Security: 59e72db2-cae6-11e3-8420-00e0814cab4e
MFH: r351933
- Update to 1.5.6
Security: 59e72db2-cae6-11e3-8420-00e0814cab4e
MFH: r351934
- Update to 1.4.11
Security: 59e72db2-cae6-11e3-8420-00e0814cab4e
MFH: r351935
- Update to 20140423 snapshot
Security: 59e72db2-cae6-11e3-8420-00e0814cab4e
MFH: r351938
Fix Django package names
Submitted by: mat
MFH: r351944
- Add missing distinfo [1]
- Trim unneeded PYDISTUTILS_PKGNAME
Notified by: swills [1]
MFH: r352013
Add back pakcage ranges for people have ancient packages
Notified by: mat
Approved by: portmgr (mat)
Deleted:
branches/2014Q2/www/py-django-devel/pkg-plist
branches/2014Q2/www/py-django14/pkg-plist
branches/2014Q2/www/py-django15/pkg-plist
Modified:
branches/2014Q2/security/vuxml/vuln.xml
branches/2014Q2/www/py-django-devel/Makefile
branches/2014Q2/www/py-django-devel/distinfo
branches/2014Q2/www/py-django/Makefile
branches/2014Q2/www/py-django/distinfo
branches/2014Q2/www/py-django14/Makefile
branches/2014Q2/www/py-django14/distinfo
branches/2014Q2/www/py-django15/Makefile
branches/2014Q2/www/py-django15/distinfo
Directory Properties:
branches/2014Q2/ (props changed)
Modified: branches/2014Q2/security/vuxml/vuln.xml
==============================================================================
--- branches/2014Q2/security/vuxml/vuln.xml Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/security/vuxml/vuln.xml Thu Apr 24 16:20:30 2014 (r352014)
@@ -51,6 +51,86 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="59e72db2-cae6-11e3-8420-00e0814cab4e">
+ <topic>django -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>py26-django</name>
+ <name>py27-django</name>
+ <name>py31-django</name>
+ <name>py32-django</name>
+ <name>py33-django</name>
+ <name>py34-django</name>
+ <range><ge>1.6</ge><lt>1.6.3</lt></range>
+ <range><ge>1.5</ge><lt>1.5.6</lt></range>
+ <range><ge>1.4</ge><lt>1.4.11</lt></range>
+ </package>
+ <package>
+ <name>py26-django15</name>
+ <name>py27-django15</name>
+ <name>py31-django15</name>
+ <name>py32-django15</name>
+ <name>py33-django15</name>
+ <name>py34-django15</name>
+ <range><ge>1.5</ge><lt>1.5.6</lt></range>
+ </package>
+ <package>
+ <name>py26-django14</name>
+ <name>py27-django14</name>
+ <name>py31-django14</name>
+ <name>py32-django14</name>
+ <name>py33-django14</name>
+ <name>py34-django14</name>
+ <range><ge>1.4</ge><lt>1.4.11</lt></range>
+ </package>
+ <package>
+ <name>py26-django15</name>
+ <name>py27-django15</name>
+ <name>py31-django15</name>
+ <name>py32-django15</name>
+ <name>py33-django15</name>
+ <name>py34-django15</name>
+ <range><ge>1.5</ge><lt>1.5.6</lt></range>
+ </package>
+ <package>
+ <name>py26-django14</name>
+ <name>py27-django14</name>
+ <name>py31-django14</name>
+ <name>py32-django14</name>
+ <name>py33-django14</name>
+ <name>py34-django14</name>
+ <range><ge>1.4</ge><lt>1.4.11</lt></range>
+ </package>
+ <package>
+ <name>py26-django-devel</name>
+ <name>py27-django-devel</name>
+ <range><lt>20140423,1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The Django project reports:</p>
+ <blockquote cite="https://www.djangoproject.com/weblog/2014/apr/21/security/">
+ <p>These releases address an unexpected code-execution issue, a
+ caching issue which can expose CSRF tokens and a MySQL typecasting
+ issue. While these issues present limited risk and may not affect
+ all Django users, we encourage all users to evaluate their own
+ risk and upgrade as soon as possible.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://www.djangoproject.com/weblog/2014/apr/21/security/</url>
+ <cvename>CVE-2014-0472</cvename>
+ <cvename>CVE-2014-0473</cvename>
+ <cvename>CVE-2014-0474</cvename>
+ </references>
+ <dates>
+ <discovery>2014-04-21</discovery>
+ <entry>2014-04-23</entry>
+ <modified>2014-04-24</modified>
+ </dates>
+ </vuln>
<vuln vid="5631ae98-be9e-11e3-b5e3-c80aa9043978">
<topic>OpenSSL -- Multiple vulnerabilities - private data exposure</topic>
<affects>
Modified: branches/2014Q2/www/py-django-devel/Makefile
==============================================================================
--- branches/2014Q2/www/py-django-devel/Makefile Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django-devel/Makefile Thu Apr 24 16:20:30 2014 (r352014)
@@ -14,16 +14,14 @@ DIST_SUBDIR= python
MAINTAINER= lwhsu at FreeBSD.org
COMMENT= High-level Python Web framework
-LICENSE= BSD
+LICENSE= BSD3CLAUSE
-SNAPSHOTDATE= 20131025
+SNAPSHOTDATE= 20140423
-USE_XZ= yes
-USES= gettext
+USES= gettext tar:xz
USE_PYTHON= yes
USE_PYDISTUTILS= yes
-PYTHON_PY3K_PLIST_HACK= yes
-PYDISTUTILS_PKGNAME= Django
+PYDISTUTILS_AUTOPLIST= yes
PYDISTUTILS_PKGVERSION= 1.7
CONFLICTS= py2[0-9]-django-[0-9]*
@@ -38,6 +36,9 @@ OPTIONS_GROUP= DATABASE
OPTIONS_GROUP_DATABASE= PGSQL MYSQL SQLITE
HTMLDOCS_DESC= Install the HTML documentation (requires Sphinx)
+PLIST_FILES= man/man1/django-admin.1.gz \
+ man/man1/gather_profile_stats.1.gz
+
.include <bsd.port.options.mk>
.if ${PORT_OPTIONS:MPGSQL}
@@ -57,7 +58,7 @@ RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}flu
.endif
.if ${PORT_OPTIONS:MHTMLDOCS}
-. if empty(PORT_OPTIONS:MDOCS)
+. if ! ${PORT_OPTIONS:MDOCS}
IGNORE= you cannot build documentation while setting NOPORTDOCS
. endif
BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}sphinx>0:${PORTSDIR}/textproc/py-sphinx
Modified: branches/2014Q2/www/py-django-devel/distinfo
==============================================================================
--- branches/2014Q2/www/py-django-devel/distinfo Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django-devel/distinfo Thu Apr 24 16:20:30 2014 (r352014)
@@ -1,2 +1,2 @@
-SHA256 (python/Django-20131025.tar.xz) = 56393be35977e9f106f085bb4a0025da5c4a4de3908eb40b22aef45c29c74cbe
-SIZE (python/Django-20131025.tar.xz) = 4618532
+SHA256 (python/Django-20140423.tar.xz) = d40b8d98cac40d40844c552953aa7a6d1faba10b21aebffd765684d54f85cc29
+SIZE (python/Django-20140423.tar.xz) = 4540492
Modified: branches/2014Q2/www/py-django/Makefile
==============================================================================
--- branches/2014Q2/www/py-django/Makefile Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django/Makefile Thu Apr 24 16:20:30 2014 (r352014)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= django
-PORTVERSION= 1.6.2
+PORTVERSION= 1.6.3
CATEGORIES= www python
MASTER_SITES= https://www.djangoproject.com/m/releases/${PORTVERSION}/ \
CHEESESHOP
@@ -18,7 +18,6 @@ LICENSE= BSD3CLAUSE
USE_PYTHON= yes
USE_PYDISTUTILS= yes
PYDISTUTILS_AUTOPLIST= yes
-PYDISTUTILS_PKGNAME= Django
CONFLICTS= py[23][0-9]-django-devel-[0-9]* py[23][0-9]-django-1.[0-57-9].*
Modified: branches/2014Q2/www/py-django/distinfo
==============================================================================
--- branches/2014Q2/www/py-django/distinfo Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django/distinfo Thu Apr 24 16:20:30 2014 (r352014)
@@ -1,2 +1,2 @@
-SHA256 (python/Django-1.6.2.tar.gz) = d1b3f8460e936f47846e7c4f80af951eda82a41c253c3a51ff3389863ff1c03a
-SIZE (python/Django-1.6.2.tar.gz) = 6615116
+SHA256 (python/Django-1.6.3.tar.gz) = 6d9d3c468f9a09470d00e85fe492ba35edfc72cee7fb65ad0281010eba58b8f1
+SIZE (python/Django-1.6.3.tar.gz) = 6628812
Modified: branches/2014Q2/www/py-django14/Makefile
==============================================================================
--- branches/2014Q2/www/py-django14/Makefile Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django14/Makefile Thu Apr 24 16:20:30 2014 (r352014)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= django
-PORTVERSION= 1.4.10
+PORTVERSION= 1.4.11
CATEGORIES= www python
MASTER_SITES= https://www.djangoproject.com/m/releases/${PORTVERSION:R}/ \
CHEESESHOP
@@ -14,11 +14,11 @@ DIST_SUBDIR= python
MAINTAINER= lwhsu at FreeBSD.org
COMMENT= High-level Python Web framework
-LICENSE= BSD
+LICENSE= BSD3CLAUSE
USE_PYTHON= 2
USE_PYDISTUTILS= yes
-PYDISTUTILS_PKGNAME= Django
+PYDISTUTILS_AUTOPLIST= yes
CONFLICTS= py[23][0-9]-django-devel-[0-9]* py[23][0-9]-django-1.[0-35-9].*
@@ -32,6 +32,10 @@ OPTIONS_GROUP= DATABASE
OPTIONS_GROUP_DATABASE= PGSQL MYSQL SQLITE
HTMLDOCS_DESC= Install the HTML documentation (requires Sphinx)
+PLIST_FILES= man/man1/daily_cleanup.1.gz \
+ man/man1/django-admin.1.gz \
+ man/man1/gather_profile_stats.1.gz
+
.include <bsd.port.options.mk>
.if ${PORT_OPTIONS:MPGSQL}
Modified: branches/2014Q2/www/py-django14/distinfo
==============================================================================
--- branches/2014Q2/www/py-django14/distinfo Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django14/distinfo Thu Apr 24 16:20:30 2014 (r352014)
@@ -1,2 +1,2 @@
-SHA256 (python/Django-1.4.10.tar.gz) = 3d1f083c039fdab1400c32b5406a60891c9dd16f880999c4a53d054742ac29de
-SIZE (python/Django-1.4.10.tar.gz) = 7745002
+SHA256 (python/Django-1.4.11.tar.gz) = 4819d8b37405b33f4f0d156f60918094d566249f52137c5e6e0dbaa12995c201
+SIZE (python/Django-1.4.11.tar.gz) = 7752172
Modified: branches/2014Q2/www/py-django15/Makefile
==============================================================================
--- branches/2014Q2/www/py-django15/Makefile Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django15/Makefile Thu Apr 24 16:20:30 2014 (r352014)
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= django
-PORTVERSION= 1.5.5
-PORTREVISION= 2
+PORTVERSION= 1.5.6
CATEGORIES= www python
MASTER_SITES= https://www.djangoproject.com/m/releases/${PORTVERSION:R}/ \
CHEESESHOP
@@ -15,12 +14,11 @@ DIST_SUBDIR= python
MAINTAINER= lwhsu at FreeBSD.org
COMMENT= High-level Python Web framework
-LICENSE= BSD
+LICENSE= BSD3CLAUSE
USE_PYTHON= yes
USE_PYDISTUTILS= yes
-PYTHON_PY3K_PLIST_HACK= yes
-PYDISTUTILS_PKGNAME= Django
+PYDISTUTILS_AUTOPLIST= yes
CONFLICTS= py[23][0-9]-django-devel-[0-9]* py[23][0-9]-django-1.[0-46-9].*
@@ -34,6 +32,10 @@ OPTIONS_GROUP= DATABASE
OPTIONS_GROUP_DATABASE= PGSQL MYSQL SQLITE
HTMLDOCS_DESC= Install the HTML documentation (requires Sphinx)
+PLIST_FILES= man/man1/daily_cleanup.1.gz \
+ man/man1/django-admin.1.gz \
+ man/man1/gather_profile_stats.1.gz
+
.include <bsd.port.options.mk>
.if ${PORT_OPTIONS:MPGSQL}
Modified: branches/2014Q2/www/py-django15/distinfo
==============================================================================
--- branches/2014Q2/www/py-django15/distinfo Thu Apr 24 15:54:50 2014 (r352013)
+++ branches/2014Q2/www/py-django15/distinfo Thu Apr 24 16:20:30 2014 (r352014)
@@ -1,2 +1,2 @@
-SHA256 (python/Django-1.5.5.tar.gz) = 6ae69c1dfbfc9d0c44ae80e2fbe48e59bbbbb70e8df66ad2b7029bd39947d71d
-SIZE (python/Django-1.5.5.tar.gz) = 8060441
+SHA256 (python/Django-1.5.6.tar.gz) = 9b7fcb99d20289189ec0f1e06d1d2bed3b4772e3a393fddbfb006ea7c3f9bfaf
+SIZE (python/Django-1.5.6.tar.gz) = 8068359
More information about the svn-ports-branches
mailing list