Bug 160368 - [patch] databases/mantis: Update to latest version
Summary: [patch] databases/mantis: Update to latest version
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Eitan Adler
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-01 17:10 UTC by Glen Barber
Modified: 2011-09-05 18:41 UTC (History)
0 users

See Also:


Attachments
file.diff (6.51 KB, patch)
2011-09-01 17:10 UTC, Glen Barber
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Glen Barber freebsd_committer freebsd_triage 2011-09-01 17:10:07 UTC
Update databases/mantis to version 1.2.7:

Version 1.2.7 addresses a XSS vulnerability in search.php.  Details can be found at:
http://www.mantisbt.org/blog/?p=142
http://www.mantisbt.org/bugs/view.php?id=13245


Complete change log:
http://www.mantisbt.org/bugs/changelog_page.php?version_id=138

Fix: Patch included.

Tinderbox logs can be found here:
- https://builder.glenbarber.us/tb/logs/7-32-FreeBSD/mantis-1.2.7.log
- https://builder.glenbarber.us/tb/logs/8-32-FreeBSD/mantis-1.2.7.log
- https://builder.glenbarber.us/tb/logs/9-32-FreeBSD/mantis-1.2.7.log


Patch attached with submission follows:
Comment 1 Chris Rees freebsd_committer freebsd_triage 2011-09-01 17:27:33 UTC
Responsible Changed
From-To: freebsd-ports-bugs->crees

I'll take it.
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2011-09-01 17:36:45 UTC
Responsible Changed
From-To: crees->eadler

crees allowed me to take this
Comment 3 Edwin Groothuis freebsd_committer freebsd_triage 2011-09-01 17:43:19 UTC
Maintainer of databases/mantis,

Please note that PR ports/160368 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/160368

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 4 Edwin Groothuis freebsd_committer freebsd_triage 2011-09-01 17:43:21 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 5 Dan Langille 2011-09-03 00:46:23 UTC
Approved by maintainer (who has no time to test this and assumes =
tinderbox will prove things).

--=20
Dan Langille - http://langille.org
Comment 6 Glen Barber freebsd_committer freebsd_triage 2011-09-03 17:17:13 UTC
State Changed
From-To: feedback->open

Approved by maintainer.
Comment 7 dfilter service freebsd_committer freebsd_triage 2011-09-05 16:55:51 UTC
eadler      2011-09-05 15:55:38 UTC

  FreeBSD ports repository

  Modified files:
    databases/mantis     Makefile distinfo pkg-plist 
    security/vuxml       vuln.xml 
  Log:
  - Update to 1.2.7
  
  PR:             ports/160368
  Submitted by:   gjb
  Approved by:    dvl (maintainer), bapt (mentor)
  Security:       CVE-2011-2938
  
  Revision  Changes    Path
  1.30      +1 -1      ports/databases/mantis/Makefile
  1.23      +2 -2      ports/databases/mantis/distinfo
  1.20      +19 -0     ports/databases/mantis/pkg-plist
  1.2436    +25 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 8 Eitan Adler freebsd_committer freebsd_triage 2011-09-05 18:41:20 UTC
State Changed
From-To: open->closed

You got what you wanted.