Bug 111407 - [PATCH] www/instiki: Fix cross site scripting vulnerability
Summary: [PATCH] www/instiki: Fix cross site scripting vulnerability
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Li-Wen Hsu
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-04-09 13:50 UTC by Alexander Logvinov
Modified: 2007-04-10 04:20 UTC (History)
1 user (show)

See Also:

Attachments
file.diff (4.37 KB, patch)
2007-04-09 13:50 UTC, Alexander Logvinov 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Logvinov 2007-04-09 13:50:01 UTC 
    Update to 0.11 Patch Level 1 and fix cross site scripting vulnerability

    Release info: http://rubyforge.org/frs/shownotes.php?group_id=186&release_id=10014
    Security: http://golem.ph.utexas.edu/~distler/blog/archives/001181.html
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2007-04-09 13:50:12 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 2 Li-Wen Hsu freebsd_committer freebsd_triage 2007-04-09 13:57:39 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->lwhsu

I'll take it.
Comment 3 Alexander Logvinov 2007-04-09 14:15:25 UTC 
Hello!

  BTW there is no maintainer of this port now.
  http://www.freebsd.org/cgi/getmsg.cgi?fetch=247358+0+current/cvs-ports

--
WBR
Comment 4 Li-Wen Hsu freebsd_committer freebsd_triage 2007-04-09 16:44:50 UTC 
On Mon, Apr 09, 2007 at 13:20:08 +0000, Alexander Logvinov wrote:
> The following reply was made to PR ports/111407; it has been noted by GNATS.
> 
> From: Alexander Logvinov <ports@logvinov.com>
> To: bug-followup@FreeBSD.org, ports@logvinov.com
> Cc:  
> Subject: Re: ports/111407: [PATCH] www/instiki: Fix cross site scripting vulnerability
> Date: Mon, 9 Apr 2007 23:15:25 +1000
> 
>  Hello!
>  
>    BTW there is no maintainer of this port now.
>    http://www.freebsd.org/cgi/getmsg.cgi?fetch=247358+0+current/cvs-ports


Hi,

Do you want to be the maintainer of this port?

-- 
Best Regards,
Li-Wen Hsu
Comment 5 Alexander Logvinov 2007-04-10 00:20:04 UTC 
Hello!

Tuesday, April 10, 2007, 1:44:50 AM, you wrote:

> Do you want to be the maintainer of this port?
 I think no... I don't use this port now. Sorry.

--
WBR
Comment 6 Li-Wen Hsu freebsd_committer freebsd_triage 2007-04-10 04:16:15 UTC 
State Changed
From-To: feedback->open

Actually, there is no maintainer of this port now.
Comment 7 dfilter service freebsd_committer freebsd_triage 2007-04-10 04:19:19 UTC 
lwhsu       2007-04-10 03:19:12 UTC

  FreeBSD ports repository

  Modified files:
    www/instiki          Makefile distinfo pkg-plist 
    www/instiki/files    bluecloth-patch-lib-chunks-engines-rb 
  Log:
  Update to 0.11 Patch Level 1 and fix cross site scripting vulnerability
  
  Release info: http://rubyforge.org/frs/shownotes.php?group_id=186&release_id=10014
  Security: http://golem.ph.utexas.edu/~distler/blog/archives/001181.html
  
  PR:             111407
  Submitted by:   Alexander Logvinov <ports AT logvinov.com>
  Approved by:    clsung (mentor)
  Security:       http://golem.ph.utexas.edu/~distler/blog/archives/001181.html
  
  Revision  Changes    Path
  1.13      +3 -1      ports/www/instiki/Makefile
  1.4       +3 -3      ports/www/instiki/distinfo
  1.2       +7 -7      ports/www/instiki/files/bluecloth-patch-lib-chunks-engines-rb
  1.7       +6 -2      ports/www/instiki/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 8 Li-Wen Hsu freebsd_committer freebsd_triage 2007-04-10 04:19:30 UTC 
State Changed
From-To: open->closed

Committed. Thanks!