Summary: | databases/mantis: Update to 2.16.0 with CVE Fixes | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Nathan <ndowens04> | ||||
Component: | Individual Port(s) | Assignee: | Tobias Kortkamp <tobik> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Some People | CC: | joneum, tobik | ||||
Priority: | --- | ||||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
URL: | https://reviews.freebsd.org/D16890 | ||||||
Attachments: |
|
Description
Nathan
2018-07-19 04:03:44 UTC
Also seems to fix several CVE: https://github.com/mantisbt/mantisbt/search?q=XSS&unscoped_q=XSS&type=Commits A commit references this bug: Author: joneum Date: Sun Jul 29 10:42:24 UTC 2018 New revision: 475643 URL: https://svnweb.freebsd.org/changeset/ports/475643 Log: document mantis issues PR: 229880 Submitted by: Nathan <ndowens.fbsd@yandex.com> Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: joneum Date: Sun Jul 29 10:51:37 UTC 2018 New revision: 475644 URL: https://svnweb.freebsd.org/changeset/ports/475644 Log: databases/mantis: Update to 2.15.0 Changelog: https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.15.0 PR: 229880 Submitted by: Nathan <ndowens.fbsd@yandex.com> MFH: 2018Q3 Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Changes: head/databases/mantis/Makefile head/databases/mantis/distinfo A commit references this bug: Author: joneum Date: Sun Jul 29 12:28:46 UTC 2018 New revision: 475656 URL: https://svnweb.freebsd.org/changeset/ports/475656 Log: MFH: r475644 databases/mantis: Update to 2.15.0 Changelog: https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.15.0 PR: 229880 Submitted by: Nathan <ndowens.fbsd@yandex.com> Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Approved by: ports-secteam (miwi) Changes: _U branches/2018Q3/ branches/2018Q3/databases/mantis/Makefile branches/2018Q3/databases/mantis/distinfo A commit references this bug: Author: tobik Date: Fri Aug 24 10:32:47 UTC 2018 New revision: 477954 URL: https://svnweb.freebsd.org/changeset/ports/477954 Log: databases/mantis: Revert fake update from r475644 The checksums and sizes from 2.9.0 and 2.15.0 are identical because GH_TAGNAME was not updated as well, so the update to 2.15.0 never actually happened. PR: 229880 Pointy hat: joneum MFH: 2018Q3 Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Changes: head/databases/mantis/Makefile head/databases/mantis/distinfo Reopen as the update only bumped PORTVERSION without actually changing anything else. WIP update to 2.16.0 at https://reviews.freebsd.org/D16890 which should also fix the CVE. A commit references this bug: Author: tobik Date: Wed Aug 29 12:03:24 UTC 2018 New revision: 478349 URL: https://svnweb.freebsd.org/changeset/ports/478349 Log: databases/mantis: Update to 2.16.0 - Use upstream release tarball instead of doing our own vendoring - Add missing PHP extensions - Flavorize - Update plugins and install them by default - Add LICENSE - Improve pkg-descr Changes: https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.16.0 PR: 229880 Reviewed by: dvl, mat, ndowens@yahoo.com MFH: 2018Q3 (with r477954, r477984) Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Differential Revision: https://reviews.freebsd.org/D16890 Changes: head/databases/mantis/Makefile head/databases/mantis/distinfo head/databases/mantis/files/patch-api_rest_swagger_index.php head/databases/mantis/files/pkg-message.in head/databases/mantis/pkg-descr head/databases/mantis/pkg-plist A commit references this bug: Author: tobik Date: Thu Aug 30 05:59:04 UTC 2018 New revision: 478432 URL: https://svnweb.freebsd.org/changeset/ports/478432 Log: MFH: r477954 r477984 r478349 databases/mantis: Revert fake update from r475644 The checksums and sizes from 2.9.0 and 2.15.0 are identical because GH_TAGNAME was not updated as well, so the update to 2.15.0 never actually happened. PR: 229880 Pointy hat: joneum Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Take maintainership of databases/mantis databases/mantis: Update to 2.16.0 - Use upstream release tarball instead of doing our own vendoring - Add missing PHP extensions - Flavorize - Update plugins and install them by default - Add LICENSE - Improve pkg-descr Changes: https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.16.0 PR: 229880 Reviewed by: dvl, mat, ndowens@yahoo.com Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Differential Revision: https://reviews.freebsd.org/D16890 Approved by: ports-secteam (miwi) Changes: _U branches/2018Q3/ branches/2018Q3/databases/mantis/Makefile branches/2018Q3/databases/mantis/distinfo branches/2018Q3/databases/mantis/files/patch-api_rest_swagger_index.php branches/2018Q3/databases/mantis/files/pkg-message.in branches/2018Q3/databases/mantis/pkg-descr branches/2018Q3/databases/mantis/pkg-plist A commit references this bug: Author: tobik Date: Thu Aug 30 05:59:04 UTC 2018 New revision: 478432 URL: https://svnweb.freebsd.org/changeset/ports/478432 Log: MFH: r477954 r477984 r478349 databases/mantis: Revert fake update from r475644 The checksums and sizes from 2.9.0 and 2.15.0 are identical because GH_TAGNAME was not updated as well, so the update to 2.15.0 never actually happened. PR: 229880 Pointy hat: joneum Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Take maintainership of databases/mantis databases/mantis: Update to 2.16.0 - Use upstream release tarball instead of doing our own vendoring - Add missing PHP extensions - Flavorize - Update plugins and install them by default - Add LICENSE - Improve pkg-descr Changes: https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.16.0 PR: 229880 Reviewed by: dvl, mat, ndowens@yahoo.com Security: 0822a4cf-9318-11e8-8d88-00e04c1ea73d Differential Revision: https://reviews.freebsd.org/D16890 Approved by: ports-secteam (miwi) Changes: _U branches/2018Q3/ branches/2018Q3/databases/mantis/Makefile branches/2018Q3/databases/mantis/distinfo branches/2018Q3/databases/mantis/files/patch-api_rest_swagger_index.php branches/2018Q3/databases/mantis/files/pkg-message.in branches/2018Q3/databases/mantis/pkg-descr branches/2018Q3/databases/mantis/pkg-plist |