Bug 257066

Summary: databases/mantis: update to 2.25.2
Product: Ports & Packages Reporter: Zoltan ALEXANDERSON BESSE <zab>
Component: Individual Port(s)Assignee: Thomas Zander <riggs>
Status: Closed FIXED    
Severity: Affects Many People CC: ports-secteam, riggs
Priority: Normal Keywords: security
Version: LatestFlags: riggs: merge-quarterly+
Hardware: Any   
OS: Any   
URL: https://mantisbt.org/bugs/changelog_page.php
Bug Depends on: 257068    
Bug Blocks:    
Attachments:
Description Flags
patch for updating to 2.25.2 zab: maintainer-approval+

Description Zoltan ALEXANDERSON BESSE 2021-07-09 00:03:49 UTC 
Created attachment 226316 [details]
patch for updating to 2.25.2

Many bugfixes (including some security related) available in mantis versions between 2.25.0 and 2.25.2.

I created a patch to update from 2.24.4 to 2.25.2. Additionally the following optional plugins are updated as well: Activity, Announce, source-integration, slack, Snippets, Taskodrome

QA:
- portlint: no new warns/errors
- poudriere: OK (11.4R, 12.2R, 13.0R, 14-CURRENT, with/without my,pg,plugins)
- clean install: works well (12.2-RELEASE)
- upgrade from 2.24.4: one DB change updated neatly by install.php on its first run (following doc/en-US/Admin_Guide instuctions)

VuXML entry is on its way in a separate PR.
Comment 1 commit-hook freebsd_committer freebsd_triage 2021-07-10 15:15:05 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2753d7dfd26f55ccb796810cb18f7ff28a48380b

commit 2753d7dfd26f55ccb796810cb18f7ff28a48380b
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-07-10 12:58:09 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-07-10 15:13:59 +0000

    databases/mantis: Update to 2.25.2.

    Details:
    - Many bugfixes (including some security related) available in the new
      mantis release 2.25.2.

    PR:             257066
    Reported by:    Zoltan ALEXANDERSON BESSE <zab@zltech.eu> (maintainer)
    MFH:            2021Q3
    Security:       CVE-2021-3603
                    CVE-2021-33557
                    CVE-2020-36326

 databases/mantis/Makefile | 14 +++++++-------
 databases/mantis/distinfo | 30 +++++++++++++++---------------
 2 files changed, 22 insertions(+), 22 deletions(-)
Comment 2 commit-hook freebsd_committer freebsd_triage 2021-07-10 16:16:15 UTC 
A commit in branch 2021Q3 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c49917517ed055a316bc15fc94dca5c042774fd2

commit c49917517ed055a316bc15fc94dca5c042774fd2
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-07-10 12:58:09 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-07-10 15:15:24 +0000

    databases/mantis: Update to 2.25.2.

    Details:
    - Many bugfixes (including some security related) available in the new
      mantis release 2.25.2.

    PR:             257066
    Reported by:    Zoltan ALEXANDERSON BESSE <zab@zltech.eu> (maintainer)
    MFH:            2021Q3
    Security:       CVE-2021-3603
                    CVE-2021-33557
                    CVE-2020-36326

    (cherry picked from commit 2753d7dfd26f55ccb796810cb18f7ff28a48380b)

 databases/mantis/Makefile | 14 +++++++-------
 databases/mantis/distinfo | 30 +++++++++++++++---------------
 2 files changed, 22 insertions(+), 22 deletions(-)