Bug 100081 - upgrade for port www/trac
Summary: upgrade for port www/trac
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Ion-Mihai "IOnut" Tetcu
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-11 12:10 UTC by Adrian Penisoara
Modified: 2006-07-11 14:05 UTC (History)
0 users

See Also:

Attachments
file.diff (159 bytes, patch)
2006-07-11 12:10 UTC, Adrian Penisoara 		no flags Details | Diff
file.diff (536 bytes, patch)
2006-07-11 12:10 UTC, Adrian Penisoara 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Adrian Penisoara 2006-07-11 12:10:14 UTC 
 Port www/trac, at version 0.9.5, is affected by a security vulnerability
registered in VuXML:

http://www.freebsd.org/ports/portaudit/b0d61f73-0e11-11db-a47b-000c2957fdf1.html

 The Trac project already made available version 0.9.6 which fixes the above
problem -- quoting from http://trac.edgewall.org/wiki/ChangeLog :

0.9.6
   * Fixed reStructuredText breach of privacy and denial of service vulnerability
     found by Felix Wiemann.

Fix: No extensive testing, but I already use it in production at a customer site.

PORTNAME=      trac
-PORTVERSION=   0.9.5
+PORTVERSION=   0.9.6
 CATEGORIES=    www devel python
 MASTER_SITES=  http://ftp.edgewall.com/pub/trac/ \
                ftp://ftp.edgewall.com/pub/trac/
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2006-07-11 12:10:31 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 2 Rui Lopes 2006-07-11 12:19:17 UTC 
Please apply the patch on this PR ASAP.

Thanks!

Best regards,
Rui Lopes
Comment 3 Ion-Mihai "IOnut" Tetcu freebsd_committer freebsd_triage 2006-07-11 12:29:31 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->itetcu

Ady, why not from the RoFUG address :) ?
Comment 4 Ion-Mihai "IOnut" Tetcu freebsd_committer freebsd_triage 2006-07-11 14:05:40 UTC 
State Changed
From-To: feedback->closed

Committed. Thanks!