78779 – [maintainer] Fix bad html filter in www/phpbb

Bug 78779 - [maintainer] Fix bad html filter in www/phpbb

Summary: [maintainer] Fix bad html filter in www/phpbb

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Cheng-Lung Sung

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-03-13 12:50 UTC by Kang Liu
Modified:	2005-03-14 02:37 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (1.43 KB, patch) 2005-03-13 12:50 UTC, Kang Liu	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kang Liu 2005-03-13 12:50:01 UTC

There is a low risk vulnerability in www/phpbb that allows users to bypass forum-wide configuration (VuXML ID 	4a0b334d-8d8d-11d9-afa0-003048705d5a). The patch below can fix this problem.

Comment 1 Xin LI freebsd_committer

2005-03-13 13:00:44 UTC

State Changed
From-To: open->feedback

Dear submitter, is the last hunk of the patch necessary?

Comment 2 Kang Liu 2005-03-13 13:41:07 UTC

//sigh
Please remove "the last hunk" as delphij pointed before commit...

Kang

Comment 3 Xin LI freebsd_committer

2005-03-13 14:08:48 UTC

State Changed
From-To: feedback->open

Submitter has approved to remove the last hunk of the proposaled 
patch.  Will a port committer grab this and commit it?  This 
is a security fix.

Comment 4 Cheng-Lung Sung freebsd_committer

2005-03-14 02:23:09 UTC

Responsible Changed
From-To: freebsd-ports-bugs->clsung

Oh, I'll handle this.

Comment 5 Cheng-Lung Sung freebsd_committer

2005-03-14 02:37:34 UTC

State Changed
From-To: open->closed

Committed, Thank you.