Bug 41465

Summary: Update: www/gallery - security fixes
Product: Ports & Packages Reporter: Jamie Hermans <jamie>
Component: Individual Port(s)Assignee: Trevor Johnson <trevor>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Jamie Hermans 2002-08-09 08:40:01 UTC 
	This release includes several SECURITY FIXES that address weaknesses in the Gallery code that can lead to a REMOTE EXPLOIT.
	Cleaned up a minor pkg-plist error as well.
Comment 1 Trevor Johnson freebsd_committer freebsd_triage 2002-08-09 09:36:38 UTC 
Responsible Changed
From-To: freebsd-ports->trevor

I'm looking at this.
Comment 2 Trevor Johnson 2002-08-09 09:49:22 UTC 
> -%%PORTDOCS%%@dirrm share/doc/gallery
[...]
> +@dirrm %%PORTDOCS%%share/doc/gallery

This change might be incorrect.  At least, I looked at several other ports
and they use the same syntax that the existing gallery port does.
-- 
Trevor Johnson
Comment 3 Trevor Johnson freebsd_committer freebsd_triage 2002-08-09 11:37:33 UTC 
State Changed
From-To: open->closed

Thank you for the PR.  I've updated your port.  Please synchronize 
your pkg-plist with the one in CVS, because yours is not sorted 
properly. 

When upgrading from version 1.3, I had to do: 

# chown www.wheel /usr/local/www/data-dist/gallery/config.php 
# chown www.wheel /usr/local/www/data-dist/gallery/.htaccess 

Probably the port should do this itself.  Do you have any objection?