egroupware has a remote access security vulnerability. Mitigated in version 1.8.05, identified at http://sourceforge.net/projects/egroupware/files/eGroupware-1.8/eGroupware-1.8.005.20131001/ Its difficult to ascertain what the actual problem is. The egroupware team have rated 9 CVE vulnerabilities since 2007 as low. It would be prudent to update the application. Ref: http://www.cvedetails.com/product/4141/Egroupware-Egroupware.html?vendor_id=2373 Fix: In Makefile -PORTVERSION= 1.8.004.20130831 +PORTVERSION= 1.8.005.20131001
Responsible Changed From-To: freebsd-ports-bugs->danilo I'll take it.
Author: danilo Date: Mon Oct 7 15:03:41 2013 New Revision: 329709 URL: http://svnweb.freebsd.org/changeset/ports/329709 Log: - Update from 1.8.004.20130831 to 1.8.005.20131001 [1] - Change maintainer email to @FreeBSD.org Changelog: http://svn.stylite.de/viewvc/egroupware/branches/1.8/egroupware/doc/rpm-build/debian.changes?view=markup PR: ports/182781 Submitted by: Dewayne <dewayne.geraghty@heuristicsystems.com.au> [1] Approved by: wg/culot (mentors, implicit) Modified: head/deskutils/egroupware/Makefile head/deskutils/egroupware/distinfo Modified: head/deskutils/egroupware/Makefile ============================================================================== --- head/deskutils/egroupware/Makefile Mon Oct 7 14:20:25 2013 (r329708) +++ head/deskutils/egroupware/Makefile Mon Oct 7 15:03:41 2013 (r329709) @@ -2,13 +2,13 @@ # $FreeBSD$ PORTNAME= eGroupware -PORTVERSION= 1.8.004.20130831 +PORTVERSION= 1.8.005.20131001 CATEGORIES= deskutils MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}-1.8/${PORTNAME}-${PORTVERSION} DISTFILES= ${PORTNAME}-${PORTVERSION}.tar.bz2 \ ${PORTNAME}-egw-pear-${PORTVERSION}.tar.bz2 -MAINTAINER= danilogondolfo@gmail.com +MAINTAINER= danilo@FreeBSD.org COMMENT= Web-based GroupWare system BUILD_DEPENDS= ${PEARDIR}/Auth/SASL.php:${PORTSDIR}/security/pear-Auth_SASL \ Modified: head/deskutils/egroupware/distinfo ============================================================================== --- head/deskutils/egroupware/distinfo Mon Oct 7 14:20:25 2013 (r329708) +++ head/deskutils/egroupware/distinfo Mon Oct 7 15:03:41 2013 (r329709) @@ -1,4 +1,4 @@ -SHA256 (eGroupware-1.8.004.20130831.tar.bz2) = d1b4cbd32647cdfcc5ba74d8a532ae660b25954b8ef5bb75b7bf3d5599a59a0f -SIZE (eGroupware-1.8.004.20130831.tar.bz2) = 10784621 -SHA256 (eGroupware-egw-pear-1.8.004.20130831.tar.bz2) = 0dc9988459190a5ee544d0432dbbfb8bca5b033f249ccb3c8a7721488ac444fd -SIZE (eGroupware-egw-pear-1.8.004.20130831.tar.bz2) = 76045 +SHA256 (eGroupware-1.8.005.20131001.tar.bz2) = 62013a411e38fbe58516764aca000165eafab938d2d96ad229bb4143841c9eb0 +SIZE (eGroupware-1.8.005.20131001.tar.bz2) = 10779109 +SHA256 (eGroupware-egw-pear-1.8.005.20131001.tar.bz2) = af0aa19de9d20f5d380b9a6394899a35a56f8030aa64b23d593a2676e708b2b2 +SIZE (eGroupware-egw-pear-1.8.005.20131001.tar.bz2) = 76481 _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!