The port of www/foswiki is one version behind the current one. In addition, the code has a vulnerability (CVE-2012-1004) that is patched per foswiki support by this update. http://foswiki.org/Support/SecurityAlert-CVE-2012-1004 How-To-Repeat: N/A
Responsible Changed From-To: freebsd-ports-bugs->skv Over to maintainer (via the GNATS Auto Assign Tool)
State Changed From-To: open->feedback Good day, Kevin. Version 1.1.5 is now available that includes complete CVE fix. Would you please update your patch please? Thanks.
Updated patch for foswiki 1.1.5: diff -urN foswiki/Makefile foswiki-new/Makefile --- foswiki/Makefile 2012-01-02 03:34:59.000000000 -0800 +++ foswiki-new/Makefile 2012-03-24 22:44:47.000000000 -0700 @@ -6,7 +6,7 @@ # PORTNAME= foswiki -PORTVERSION= 1.1.3 +PORTVERSION= 1.1.5 CATEGORIES= www MASTER_SITES= SF DISTNAME= Foswiki-${PORTVERSION} diff -urN foswiki/distinfo foswiki-new/distinfo --- foswiki/distinfo 2011-04-19 03:08:02.000000000 -0700 +++ foswiki-new/distinfo 2012-03-24 23:10:02.000000000 -0700 @@ -1,2 +1,2 @@ -SHA256 (foswiki/Foswiki-1.1.3.tgz) = 76d81d10765fefb0e17872482b778fab446d6e357a62ba87aba6eb36d4398b7d -SIZE (foswiki/Foswiki-1.1.3.tgz) = 13263991 +SHA256 (foswiki/Foswiki-1.1.5.tgz) = 7868d32bd3852c7772f88c3ccf6289639d4026adeeef2353c2bbe5e774d1e237 +SIZE (foswiki/Foswiki-1.1.5.tgz) = 15306439
Kevin Oberman wrote on 25.04.2012 02:50: > On Tue, Apr 24, 2012 at 12:06 PM, Doug Sampson<dougs@dawnsign.com> wrote: >> Hello- >> >> When will Foswiki be updated to 1.1.4? It's currently at 1.1.3 and doesn't work with Perl 5.14 but 1.1.4 does. Version 1.1.5 is coming out soon and I'd like to upgrade to 1.1.4 and make sure all works smoothly before version 1.1.5 gets released. > > I submitted the update to 1.1.5 to ports a while ago. Just waiting for a commit. > > See PR ports/166399 Hi Kevin, Doug. Sorry, I forgot to say that this patch is incomplete. Updated port fails to uninstall. Can you please investigate? Here is the log: http://people.freebsd.org/~rm/foswiki-1.1.5.log -- Regards, Ruslan Tinderboxing kills... the drives.
rm 2012-05-21 07:03:03 UTC FreeBSD ports repository Modified files: www/foswiki Makefile distinfo pkg-descr pkg-plist Log: - update to 1.1.5 (fix for CVE-2012-1004) Different patch committed. There was pkg-plist changes missed, and original submitter later sent them to me via private mail. PR: 166399 Submitted by: Kevin Oberman <rkoberman at gmail dot com> Approved by: maintainer timeout (>one month) Security: 495b46fd-a30f-11e1-82c9-d0df9acfd7e5 Revision Changes Path 1.11 +3 -1 ports/www/foswiki/Makefile 1.7 +2 -2 ports/www/foswiki/distinfo 1.2 +1 -1 ports/www/foswiki/pkg-descr 1.6 +322 -79 ports/www/foswiki/pkg-plist _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: feedback->closed Committed, thank you!