Bug 164717 - [maintainer update] update www/mathopd to 1.5p7
Summary: [maintainer update] update www/mathopd to 1.5p7
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Ruslan Makhmatkhanov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-02-02 20:20 UTC by michiel
Modified: 2012-02-03 06:50 UTC (History)
0 users

See Also:

Attachments
mathopd-1.5p7.diff (910 bytes, patch)
2012-02-02 20:20 UTC, michiel 		no flags Details | Diff
mathopd.vuxml.txt (945 bytes, text/plain)
2012-02-03 06:00 UTC, michiel 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description michiel 2012-02-02 20:20:08 UTC 
Update the www/mathopd port to 1.5p7.
The previous version has a vulnerability that could lead to directory
traversal when the '*' construct in config files is used.

How-To-Repeat: n/a
Comment 1 Ruslan Makhmatkhanov freebsd_committer freebsd_triage 2012-02-02 20:27:31 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->rm

I will take it.
Comment 2 R.Mahmatkhanov 2012-02-02 20:32:45 UTC 
Hello, Michiel.
Would you please also provide vuxml entry?
Comment 3 dfilter service freebsd_committer freebsd_triage 2012-02-02 20:43:31 UTC 
rm          2012-02-02 20:43:23 UTC

  FreeBSD ports repository

  Modified files:
    www/mathopd          Makefile distinfo pkg-descr 
    www/mathopd/files    patch-aa 
  Log:
  - update to 1.5p7 (fix directory traversal in special case)
  - while i'm here, fix couple of whitespaces and NOMAN -> NO_MAN warning
  
  PR:             164717
  Submitted by:   Michiel Boland <michiel at boland dot org>
  
  Revision  Changes    Path
  1.24      +2 -1      ports/www/mathopd/Makefile
  1.16      +2 -2      ports/www/mathopd/distinfo
  1.7       +1 -1      ports/www/mathopd/files/patch-aa
  1.6       +2 -2      ports/www/mathopd/pkg-descr
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 4 michiel 2012-02-02 21:30:29 UTC 
On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote:
> Hello, Michiel.
> Would you please also provide vuxml entry?

Sure - I'm waiting for my mail to be archived so I can include it as a reference.
Cheers
Michiel
Comment 5 R.Mahmatkhanov 2012-02-02 21:41:11 UTC 
Michiel Boland wrote on 03.02.2012 01:30:
> On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote:
>> Hello, Michiel.
>> Would you please also provide vuxml entry?
>
> Sure - I'm waiting for my mail to be archived so I can include it as a
> reference.
> Cheers
> Michiel

Ok, I already committed the update but not closing the pr yet, waiting 
for vuxml entry. Thanks.

-- 
Regards,
Ruslan

Tinderboxing kills... the drives.
Comment 6 michiel 2012-02-03 06:00:40 UTC 
On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote:
> Hello, Michiel.
> Would you please also provide vuxml entry?

see attachment

Cheers
Michiel
Comment 7 R.Mahmatkhanov 2012-02-03 06:32:46 UTC 
Michiel Boland wrote on 03.02.2012 10:00:
> On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote:
>> Hello, Michiel.
>> Would you please also provide vuxml entry?
>
> see attachment
>
> Cheers
> Michiel

Was just committed. Thank you much!

-- 
Regards,
Ruslan

Tinderboxing kills... the drives.
Comment 8 dfilter service freebsd_committer freebsd_triage 2012-02-03 06:33:15 UTC 
rm          2012-02-03 06:33:03 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Add vuxml entry for mathopd directory traversal vulnerability.
  
  PR:             164717
  Submitted by:   Michiel Boland <michiel at boland dot org>
  Security:       6e7ad1d7-4e27-11e1-8e12-90e6ba8a36a2
  
  Revision  Changes    Path
  1.2590    +28 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 9 Ruslan Makhmatkhanov freebsd_committer freebsd_triage 2012-02-03 06:47:48 UTC 
State Changed
From-To: open->closed

Committed, thank you!