Bug 236767

Summary: www/drupal8: Update to 8.6.13 (Fixes Cross Site Scripting vulnerability: SA-CORE-2019-004)
Product: Ports & Packages Reporter: tech-lists
Component: Individual Port(s)Assignee: Jose Alonso Cardenas Marquez <acm>
Status: Closed FIXED    
Severity: Affects Many People CC: ports-secteam
Priority: Normal Keywords: needs-patch, security
Version: LatestFlags: bugzilla: maintainer-feedback? (acm)
koobs: merge-quarterly?
Hardware: Any   
OS: Any   
URL: https://www.drupal.org/project/drupal/releases/8.6.13

Description tech-lists 2019-03-24 23:24:56 UTC 
ports as of 496785 still builds drupal8-8.6.12 ; the latest version is 8.6.13 https://www.drupal.org/project/drupal/releases/8.6.13
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2019-03-25 09:31:25 UTC 
Pending patch to update, VuXML entry and MFH
Comment 2 commit-hook freebsd_committer freebsd_triage 2019-03-27 21:52:15 UTC 
A commit references this bug:

Author: acm
Date: Wed Mar 27 21:51:21 UTC 2019
New revision: 496986
URL: https://svnweb.freebsd.org/changeset/ports/496986

Log:
  - Update to 8.1.13

  PR:		236767
  Reported by:	tech-lists  at  zyxst.net
  Security:	94d63fd7-508b-11e9-9ba0-4c72b94353b5

Changes:
  head/www/drupal8/Makefile
  head/www/drupal8/distinfo
  head/www/drupal8/pkg-plist