127970 – [UPDATE] devel/viewvc to 1.0.6

Bug 127970 - [UPDATE] devel/viewvc to 1.0.6

Summary: [UPDATE] devel/viewvc to 1.0.6

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Wesley Shields

URL:
Keywords:

Depends on:
Blocks:

Reported:	2008-10-09 10:30 UTC by Martin Matuska
Modified:	2008-11-18 00:10 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (3.21 KB, patch) 2008-10-09 10:30 UTC, Martin Matuska	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Martin Matuska freebsd_committer

2008-10-09 10:30:10 UTC

- Update viewvc from 1.0.5 to 1.0.6

Removed files: files/patch-svn-r1993

Comment 1 Edwin Groothuis freebsd_committer

2008-10-09 10:30:20 UTC

Responsible Changed
From-To: freebsd-ports-bugs->pgollucci

Over to maintainer (via the GNATS Auto Assign Tool)

Comment 2 Romain Tartière 2008-11-12 11:22:41 UTC

Please consider an update to 1.0.7:
 - Update to latest stable version (Multiple vulnerability fixes, see log bellow);
 - Fix typo in pkg-message;
 - files/patch-svn-r1993 has to be removed;

========================== ChangeLog ========================

Version 1.0.7 (released 14-Oct-2008)

  * fix regression in the 'as text' download view (issue #373)

Version 1.0.6 (released 16-Sep-2008)

  * security fix: ignore arbitrary user-provided MIME types (issue #354)
  * fix bug in regexp search filter when used with sticky tag (issue #346)
  * fix bug in handling of certain 'co' output (issue #348)
  * fix regexp search filter template bug
  * fix annotate code syntax error
  * fix mod_python import cycle (issue #369)

Version 1.0.5 (released 28-Feb-2008)

  * security fix: omit commits of all-forbidden files from query results
  * security fix: disallow direct URL navigation to hidden CVSROOT folder
  * security fix: strip forbidden paths from revision view
  * security fix: don't traverse log history thru forbidden locations
  * security fix: honor forbiddenness via diff view path parameters
  * new 'forbiddenre' regexp-based path authorization feature
  * fix root name conflict resolution inconsistencies (issue #287)
  * fix an oversight in the CVS 1.12.9 loginfo-handler support
  * fix RSS feed content type to be more specific (issue #306)
  * fix entity escaping problems in RSS feed data (issue #238)
  * fix bug in tarball generation for remote Subversion repositories
  * fix query interface file-count-limiting logic
  * fix query results plus/minus count to ignore forbidden files
  * fix blame error caused by 'svn' unable to create runtime config dir


--- viewvc.diff begins here ---
diff -ruN /usr/ports/devel/viewvc/Makefile devel/viewvc/Makefile
--- /usr/ports/devel/viewvc/Makefile	2008-08-22 18:47:20.000000000 +0200
+++ devel/viewvc/Makefile	2008-11-12 12:01:02.770367000 +0100
@@ -6,10 +6,9 @@
 #
 
 PORTNAME=	viewvc
-PORTVERSION=	1.0.5
-PORTREVISION=	4
+PORTVERSION=	1.0.7
 CATEGORIES=	devel python
-MASTER_SITES=	http://viewvc.tigris.org/files/documents/3330/41694/
+MASTER_SITES=	http://viewvc.tigris.org/files/documents/3330/44050/
 
 MAINTAINER=	pgollucci@FreeBSD.org
 COMMENT=	Web-based Version Control Repository Browsing
diff -ruN /usr/ports/devel/viewvc/distinfo devel/viewvc/distinfo
--- /usr/ports/devel/viewvc/distinfo	2008-04-03 04:39:36.000000000 +0200
+++ devel/viewvc/distinfo	2008-11-12 12:01:02.770367000 +0100
@@ -1,3 +1,3 @@
-MD5 (viewvc-1.0.5.tar.gz) = 8fc8107f937b9da481b14333a7fdb29d
-SHA256 (viewvc-1.0.5.tar.gz) = 0caf17fa0137231c0a78a5c57e758da73475212516d4758fe521def007a8fddd
-SIZE (viewvc-1.0.5.tar.gz) = 522323
+MD5 (viewvc-1.0.7.tar.gz) = cfc8c51418114704c23de64f8e6c04dd
+SHA256 (viewvc-1.0.7.tar.gz) = d801c903efc993e15d08f38eb84f084a596bc3f7b97b0c2c044b16c41645df76
+SIZE (viewvc-1.0.7.tar.gz) = 522560
diff -ruN /usr/ports/devel/viewvc/files/patch-svn-r1993 devel/viewvc/files/patch-svn-r1993
--- /usr/ports/devel/viewvc/files/patch-svn-r1993	2008-08-22 18:47:20.000000000 +0200
+++ devel/viewvc/files/patch-svn-r1993	1970-01-01 01:00:00.000000000 +0100
@@ -1,54 +0,0 @@
-Index: bin/mod_python/viewvc.py
-===================================================================
---- bin/mod_python/viewvc.py	(revision 1992)
-+++ bin/mod_python/viewvc.py	(revision 1993)
-@@ -42,9 +42,15 @@
-   sys.path.insert(0, LIBRARY_DIR)
- 
- import sapi
--import viewvc
--reload(viewvc) # need reload because initial import loads this stub file
-+import imp
- 
-+# Import real ViewVC module
-+fp, pathname, description = imp.find_module('viewvc', [LIBRARY_DIR])
-+try:
-+  viewvc = imp.load_module('viewvc', fp, pathname, description)
-+finally:
-+  if fp:
-+    fp.close()
- 
- def index(req):
-   server = sapi.ModPythonServer(req)
-Index: bin/mod_python/query.py
-===================================================================
---- bin/mod_python/query.py	(revision 1992)
-+++ bin/mod_python/query.py	(revision 1993)
-@@ -42,10 +42,24 @@
-   sys.path.insert(0, LIBRARY_DIR)
- 
- import sapi
--import viewvc
--import query
--reload(query) # need reload because initial import loads this stub file
-+import imp
- 
-+# Import real ViewVC module
-+fp, pathname, description = imp.find_module('viewvc', [LIBRARY_DIR])
-+try:
-+  viewvc = imp.load_module('viewvc', fp, pathname, description)
-+finally:
-+  if fp:
-+    fp.close()
-+
-+# Import real ViewVC Query modules
-+fp, pathname, description = imp.find_module('query', [LIBRARY_DIR])
-+try:
-+  query = imp.load_module('query', fp, pathname, description)
-+finally:
-+  if fp:
-+    fp.close()
-+
- cfg = viewvc.load_config(CONF_PATHNAME)
- 
- def index(req):
diff -ruN /usr/ports/devel/viewvc/files/pkg-message.in devel/viewvc/files/pkg-message.in
--- /usr/ports/devel/viewvc/files/pkg-message.in	2008-08-19 23:59:23.000000000 +0200
+++ devel/viewvc/files/pkg-message.in	2008-11-12 12:01:02.770367000 +0100
@@ -23,7 +23,7 @@
  Example config lines for Apache
  ==================================
  Alias /viewvc "%%PREFIX%%/viewvc/bin/cgi/"
- <Directory "%%PRFIX%%/viewvc/bin/cgi">
+ <Directory "%%PREFIX%%/viewvc/bin/cgi">
     Options NONE +ExecCGI
     DirectoryIndex  /viewvc/viewvc.cgi
     Order allow,deny
--- viewvc.diff ends here ---


-- 
Romain Tartière <romain@blogreen.org>        http://romain.blogreen.org/
pgp: 8DAB A124 0DA4 7024 F82A  E748 D8E9 A33F FF56 FF43 (ID: 0xFF56FF43)
(plain text =non-HTML= PGP/GPG encrypted/signed e-mail much appreciated)

Comment 3 Wesley Shields freebsd_committer

2008-11-12 14:23:17 UTC

Responsible Changed
From-To: pgollucci->wxs

I'll take it.

Comment 4 dfilter service freebsd_committer

2008-11-18 00:04:21 UTC

wxs         2008-11-18 00:04:08 UTC

  FreeBSD ports repository

  Modified files:
    devel/viewvc         Makefile distinfo 
  Removed files:
    devel/viewvc/files   patch-svn-r1993 
  Log:
  Update to 1.0.7
  
  PR:             ports/127970
  Submitted by:   romain@blogreen.org
  Approved by:    maintainer timeout
  
  Revision  Changes    Path
  1.34      +2 -3      ports/devel/viewvc/Makefile
  1.16      +3 -3      ports/devel/viewvc/distinfo
  1.2       +0 -54     ports/devel/viewvc/files/patch-svn-r1993 (dead)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"

Comment 5 Wesley Shields freebsd_committer

2008-11-18 00:04:24 UTC

State Changed
From-To: open->closed

Committed. Thanks!