Bug 131011 - [maintainer update] www/glpi 0.71.4 (security fix)
Summary: [maintainer update] www/glpi 0.71.4 (security fix)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Philip M. Gollucci
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-01-26 13:00 UTC by Mathias Monnerville
Modified: 2009-01-28 05:30 UTC (History)
1 user (show)

See Also:

Attachments
glpi.diff (1.15 KB, patch)
2009-01-26 13:00 UTC, Mathias Monnerville 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mathias Monnerville 2009-01-26 13:00:01 UTC 
	A security issue has been found and fixed recently (SQL injection).
Comment 1 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-27 04:23:54 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->pgollucci

I'll take it.
Comment 2 Philip M. Gollucci 2009-01-27 08:20:21 UTC 
is there a corresponding CVE or anything for this ?


-- 
------------------------------------------------------------------------
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70  3F8C 75B8 8FFB DB9B 8C1C
Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354
Consultant          - P6M7G8 Inc.                http://p6m7g8.net
Senior Sys Admin    - RideCharge, Inc.           http://ridecharge.com
Contractor          - PositiveEnergyUSA          http://positiveenergyusa.com
ASF Member          - Apache Software Foundation http://apache.org
FreeBSD Committer   - FreeBSD Foundation         http://freebsd.org

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
Comment 3 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-27 08:21:54 UTC 
State Changed
From-To: open->feedback

feedback-pr
Comment 4 Mathias Monnerville 2009-01-27 11:11:21 UTC 
On Tue, Jan 27, 2009 at 03:20:21AM -0500, Philip M. Gollucci wrote:
> is there a corresponding CVE or anything for this ?

Nothing but an announcement on their official website (and ML):
http://www.glpi-project.org/spip.php?page=annonce&id_breve=161&lang=en
Comment 5 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-28 04:12:27 UTC 
State Changed
From-To: feedback->open

feedback received
Comment 6 dfilter service freebsd_committer freebsd_triage 2009-01-28 05:07:56 UTC 
pgollucci    2009-01-28 05:07:48 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Document glpi -- SQL Injection vulnerabilty
  
  PR:             ports/131011
  Submitted by:   Mathias Monnerville <mathias@monnerville.com>
  
  Revision  Changes    Path
  1.1832    +29 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 7 dfilter service freebsd_committer freebsd_triage 2009-01-28 05:22:13 UTC 
pgollucci    2009-01-28 05:22:03 UTC

  FreeBSD ports repository

  Modified files:
    www/glpi             Makefile distinfo pkg-plist 
  Log:
  - update to 0.71.4
  
  PR:             ports/131011
  Submitted by:   Mathias Monnerville <mathias@monnerville.com> (maintainer)
  Security:       http://www.vuxml.org/freebsd/2ffb1b0d-ecf5-11dd-abae-00219b0fc4d8.html
  
  Revision  Changes    Path
  1.11      +1 -1      ports/www/glpi/Makefile
  1.9       +3 -3      ports/www/glpi/distinfo
  1.7       +0 -1      ports/www/glpi/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 8 Philip M. Gollucci freebsd_committer freebsd_triage 2009-01-28 05:22:18 UTC 
State Changed
From-To: open->closed

Committed. Thanks!