Bug 54165

Summary: [patch]fix 2 serious problem in phpbb 2.0.5
Product: Ports & Packages Reporter: Liu Kang <lazykang>
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff
none
file.diff none

Description Liu Kang 2003-07-07 05:00:35 UTC 
phpbb 2.0.5 contains 2 serious problem:
1. SQL injection vulnerability in viewtopic.php (reference: 
http://www.phpbb.com/phpBB/viewtopic.php?t=112052)
2. potential vulnerability in admin/admin_styles.php (reference: 
http://www.phpbb.com/phpBB/viewtopic.php?t=113826)

I must apologize that I just update phpbb to 2.0.5 but didn't fix those 2 
vulnerability although I mention it in my last PR. ports/53691 
http://www.freebsd.org/cgi/query-pr.cgi?pr=53691
:-(

Fix: PORTNAME=      phpbb
PORTVERSION=   2.0.5
-#PORTREVISION= 1
+PORTREVISION=  1
CATEGORIES=    www
MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR=    ${PORTNAME}
@@ -59,6 +59,8 @@
post-patch:
       @ ${REINPLACE_CMD} -e "s#\.\./templates#/${PHPBBURL}/templates#" \
         ${WRKSRC}/docs/*.html
+       @ ${RM} ${WRKSRC}/viewtopic.php.orig
+       @ ${RM} ${WRKSRC}/admin/admin_styles.php.orig

post-configure:
       @ ${SED} \



_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. 
http://join.msn.com/?page=features/virus--Kf0hPjvV4Ep1vLm1sl7toCyhvbaUVulVKOF8w18WTTzc9Htm
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

--- Makefile.orig       Sun Jul  6 23:19:39 2003
+++ Makefile    Mon Jul  7 02:02:54 2003
@@ -7,7 +7,7 @@
How-To-Repeat:         n/a
Comment 1 Norikatsu Shigemura freebsd_committer freebsd_triage 2003-07-07 09:05:01 UTC 
State Changed
From-To: open->closed

Committed, thanks!