Port www/trac, at version 0.9.5, is affected by a security vulnerability registered in VuXML: http://www.freebsd.org/ports/portaudit/b0d61f73-0e11-11db-a47b-000c2957fdf1.html The Trac project already made available version 0.9.6 which fixes the above problem -- quoting from http://trac.edgewall.org/wiki/ChangeLog : 0.9.6 * Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann. Fix: No extensive testing, but I already use it in production at a customer site. PORTNAME= trac -PORTVERSION= 0.9.5 +PORTVERSION= 0.9.6 CATEGORIES= www devel python MASTER_SITES= http://ftp.edgewall.com/pub/trac/ \ ftp://ftp.edgewall.com/pub/trac/
State Changed From-To: open->feedback Awaiting maintainers feedback
Please apply the patch on this PR ASAP. Thanks! Best regards, Rui Lopes
Responsible Changed From-To: freebsd-ports-bugs->itetcu Ady, why not from the RoFUG address :) ?
State Changed From-To: feedback->closed Committed. Thanks!