svn commit: r534286 - head/mail/mailman
Matthias Andree
mandree at FreeBSD.org
Thu May 7 20:04:24 UTC 2020
Author: mandree
Date: Thu May 7 20:04:23 2020
New Revision: 534286
URL: https://svnweb.freebsd.org/changeset/ports/534286
Log:
mail/mailman: security update to 2.1.33
Fixing another content injection vulnerability,
this time via private archive login if the list's roster visibility
(private_roster) setting is 'Anyone'.
https://bugs.launchpad.net/mailman/+bug/1877379
https://launchpadlibrarian.net/478684932/private.diff
https://mail.python.org/archives/list/mailman-developers@python.org/thread/SYBIZ3MNSQZLKN6PVKO7ZKR7QMOBMS45/
Security: 88760f4d-8ef7-11ea-a66d-4b2ef158be83
Modified:
head/mail/mailman/Makefile
head/mail/mailman/distinfo
Modified: head/mail/mailman/Makefile
==============================================================================
--- head/mail/mailman/Makefile Thu May 7 20:02:24 2020 (r534285)
+++ head/mail/mailman/Makefile Thu May 7 20:04:23 2020 (r534286)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= mailman
-DISTVERSION= 2.1.32
+DISTVERSION= 2.1.33
PORTREVISION= 0
CATEGORIES= mail
MASTER_SITES= GNU \
@@ -128,11 +128,11 @@ MAIL_GID?= _smtpd
PKGNAMESUFFIX+= -with-htdig
# how to create PATCHFILES:
#X identify what is the version of msapiro's patches corresponding to the release.
-#X fetch http://bazaar.launchpad.net/~msapiro/mailman/htdig/tarball/1814
+#X fetch http://bazaar.launchpad.net/~msapiro/mailman/htdig/tarball/1815
#X unpack this tarball, and the original distfile
-#X diff -NEur original-unpack bazaar-unpack | xz --best -c >msapiro-htdig-1814.patch.xz
+#X diff -NEur original-unpack bazaar-unpack | xz --best -c >msapiro-htdig-1815.patch.xz
#X upload the latter with mode 0644 or similar to freefall's public_distfiles/ directory
-_HTDIGREV= 1814
+_HTDIGREV= 1815
PATCHFILES+= msapiro-htdig-${_HTDIGREV}.patch.xz
RUN_DEPENDS+= htdig:textproc/htdig
PLIST_SUB+= SUB_HTDIG=""
Modified: head/mail/mailman/distinfo
==============================================================================
--- head/mail/mailman/distinfo Thu May 7 20:02:24 2020 (r534285)
+++ head/mail/mailman/distinfo Thu May 7 20:04:23 2020 (r534286)
@@ -1,5 +1,5 @@
-TIMESTAMP = 1588720179
-SHA256 (mailman/mailman-2.1.32.tgz) = 3755322b23cb41cd726407658dc1ae0d2dcc9887c9239945491a551933505e5d
-SIZE (mailman/mailman-2.1.32.tgz) = 9413055
-SHA256 (mailman/msapiro-htdig-1814.patch.xz) = 91c69185f06e2d581d5a4429e678b740074016511557dae4aa5ee7ded0be349c
-SIZE (mailman/msapiro-htdig-1814.patch.xz) = 50400
+TIMESTAMP = 1588881655
+SHA256 (mailman/mailman-2.1.33.tgz) = 6d7e81753c78120f479a275ea623194cac188a3daf301eb76aa9d39a942d5234
+SIZE (mailman/mailman-2.1.33.tgz) = 9412979
+SHA256 (mailman/msapiro-htdig-1815.patch.xz) = 740aeb99b1e25706ad32bd73ac2035f758b5ec566856d6816aed76496931563b
+SIZE (mailman/msapiro-htdig-1815.patch.xz) = 50408
More information about the svn-ports-head
mailing list