Bug 131011 - [maintainer update] www/glpi 0.71.4 (security fix)
Summary: [maintainer update] www/glpi 0.71.4 (security fix)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Philip M. Gollucci
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-01-26 13:00 UTC by Mathias Monnerville
Modified: 2009-01-28 05:30 UTC (History)
1 user (show)

See Also:


Attachments
glpi.diff (1.15 KB, patch)
2009-01-26 13:00 UTC, Mathias Monnerville
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Mathias Monnerville 2009-01-26 13:00:01 UTC
	A security issue has been found and fixed recently (SQL injection).
Comment 1 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-27 04:23:54 UTC
Responsible Changed
From-To: freebsd-ports-bugs->pgollucci

I'll take it.
Comment 2 Philip M. Gollucci 2009-01-27 08:20:21 UTC
is there a corresponding CVE or anything for this ?


-- 
------------------------------------------------------------------------
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70  3F8C 75B8 8FFB DB9B 8C1C
Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354
Consultant          - P6M7G8 Inc.                http://p6m7g8.net
Senior Sys Admin    - RideCharge, Inc.           http://ridecharge.com
Contractor          - PositiveEnergyUSA          http://positiveenergyusa.com
ASF Member          - Apache Software Foundation http://apache.org
FreeBSD Committer   - FreeBSD Foundation         http://freebsd.org

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
Comment 3 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-27 08:21:54 UTC
State Changed
From-To: open->feedback

feedback-pr
Comment 4 Mathias Monnerville 2009-01-27 11:11:21 UTC
On Tue, Jan 27, 2009 at 03:20:21AM -0500, Philip M. Gollucci wrote:
> is there a corresponding CVE or anything for this ?

Nothing but an announcement on their official website (and ML):
http://www.glpi-project.org/spip.php?page=annonce&id_breve=161&lang=en
Comment 5 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-28 04:12:27 UTC
State Changed
From-To: feedback->open

feedback received
Comment 6 dfilter service freebsd_committer freebsd_triage 2009-01-28 05:07:56 UTC
pgollucci    2009-01-28 05:07:48 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Document glpi -- SQL Injection vulnerabilty
  
  PR:             ports/131011
  Submitted by:   Mathias Monnerville <mathias@monnerville.com>
  
  Revision  Changes    Path
  1.1832    +29 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 7 dfilter service freebsd_committer freebsd_triage 2009-01-28 05:22:13 UTC
pgollucci    2009-01-28 05:22:03 UTC

  FreeBSD ports repository

  Modified files:
    www/glpi             Makefile distinfo pkg-plist 
  Log:
  - update to 0.71.4
  
  PR:             ports/131011
  Submitted by:   Mathias Monnerville <mathias@monnerville.com> (maintainer)
  Security:       http://www.vuxml.org/freebsd/2ffb1b0d-ecf5-11dd-abae-00219b0fc4d8.html
  
  Revision  Changes    Path
  1.11      +1 -1      ports/www/glpi/Makefile
  1.9       +3 -3      ports/www/glpi/distinfo
  1.7       +0 -1      ports/www/glpi/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 8 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-28 05:22:18 UTC
State Changed
From-To: open->closed

Committed. Thanks!