Summary: | mail/roundcube: Update to 1.2.3 (Fixes security vulnerability) | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Bernard Spil <brnrd> | ||||
Component: | Individual Port(s) | Assignee: | Alex Dupre <ale> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Many People | CC: | junovitch, pierre, ports-secteam | ||||
Priority: | --- | Keywords: | patch, patch-ready, security | ||||
Version: | Latest | Flags: | bugzilla:
maintainer-feedback?
(ale) junovitch: merge-quarterly+ |
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Bernard Spil
2016-11-29 09:01:47 UTC
Created attachment 177504 [details]
svn diff for mail/roundcube
Author: brnrd Date: Tue Nov 29 08:55:55 2016 New Revision: 427367 URL: https://svnweb.freebsd.org/changeset/ports/427367 Log: security/vuxml: Document Roundcube vulnerability Modified: head/security/vuxml/vuln.xml Can somebody commit the patch please? A commit references this bug: Author: junovitch Date: Sun Dec 4 21:01:17 UTC 2016 New revision: 427802 URL: https://svnweb.freebsd.org/changeset/ports/427802 Log: mail/roundcube: update 1.2.2 -> 1.2.3; add NO_ARCH while here Changes: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123 PR: 214925 Submitted by: brnrd Approved by: ports-secteam (with hat) Security: https://vuxml.FreeBSD.org/freebsd/125f5958-b611-11e6-a9a5-b499baebfeaf.html MFH: 2016Q4 X-MFH-With: r423243, r423250, r423479 Changes: head/mail/roundcube/Makefile head/mail/roundcube/distinfo A commit references this bug: Author: junovitch Date: Sun Dec 4 21:03:15 UTC 2016 New revision: 427804 URL: https://svnweb.freebsd.org/changeset/ports/427804 Log: MFH: r423243 r423250 r423479 r427802 mail/roundcube: Update to 1.2.1 - Update to 1.2.1 - Add missing .htaccess file in WWWDIR [1] - Switch WANT_PHP_WEB to USES= php:web - Add description for DB options group - Convert all ${PORT_OPTIONS:Mfoo} to OPTIONS framework - Convert target conditionals to target-OPT-on PR: 196016 [1] Submitted by: Lukasz Wasikowski <lukasz@wasikowski.net> [1] Approved by: Maintainer timeout mail/roundcube: fix dependency when using SQLite, bump PORTREVISION mail/roundcube: 1.2.1 -> 1.2.2 PR: 196026 Changes: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-122 Submitted by: brnrd Approved by: ale (maintainer timeout) mail/roundcube: update 1.2.2 -> 1.2.3; add NO_ARCH while here Changes: https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123 PR: 214925 Submitted by: brnrd Security: https://vuxml.FreeBSD.org/freebsd/125f5958-b611-11e6-a9a5-b499baebfeaf.html Approved by: ports-secteam (with hat) Changes: _U branches/2016Q4/ branches/2016Q4/mail/roundcube/Makefile branches/2016Q4/mail/roundcube/distinfo Update committed and MFH'd to quarterly. A commit references this bug: Author: junovitch Date: Wed Dec 14 03:12:28 UTC 2016 New revision: 428543 URL: https://svnweb.freebsd.org/changeset/ports/428543 Log: Update Roundcube entry with CVE and Bugtraq ID and switch to more detailed Mitre verbiage. PR: 214925 Security: CVE-2016-9920 Security: https://vuxml.FreeBSD.org/freebsd/125f5958-b611-11e6-a9a5-b499baebfeaf.html Changes: head/security/vuxml/vuln.xml |