Bug 160368 - [patch] databases/mantis: Update to latest version
Summary: [patch] databases/mantis: Update to latest version
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Eitan Adler
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-01 17:10 UTC by Glen Barber
Modified: 2011-09-05 18:41 UTC (History)
0 users

See Also:

Attachments
file.diff (6.51 KB, patch)
2011-09-01 17:10 UTC, Glen Barber 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Glen Barber freebsd_committer freebsd_triage 2011-09-01 17:10:07 UTC 
Update databases/mantis to version 1.2.7:

Version 1.2.7 addresses a XSS vulnerability in search.php.  Details can be found at:
http://www.mantisbt.org/blog/?p=142
http://www.mantisbt.org/bugs/view.php?id=13245


Complete change log:
http://www.mantisbt.org/bugs/changelog_page.php?version_id=138

Fix: Patch included.

Tinderbox logs can be found here:
- https://builder.glenbarber.us/tb/logs/7-32-FreeBSD/mantis-1.2.7.log
- https://builder.glenbarber.us/tb/logs/8-32-FreeBSD/mantis-1.2.7.log
- https://builder.glenbarber.us/tb/logs/9-32-FreeBSD/mantis-1.2.7.log


Patch attached with submission follows:
Comment 1 Chris Rees freebsd_committer freebsd_triage 2011-09-01 17:27:33 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->crees

I'll take it.
Comment 2 Eitan Adler freebsd_committer freebsd_triage 2011-09-01 17:36:45 UTC 
Responsible Changed
From-To: crees->eadler

crees allowed me to take this
Comment 3 Edwin Groothuis freebsd_committer freebsd_triage 2011-09-01 17:43:19 UTC 
Maintainer of databases/mantis,

Please note that PR ports/160368 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/160368

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 4 Edwin Groothuis freebsd_committer freebsd_triage 2011-09-01 17:43:21 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 5 Dan Langille 2011-09-03 00:46:23 UTC 
Approved by maintainer (who has no time to test this and assumes =
tinderbox will prove things).

--=20
Dan Langille - http://langille.org
Comment 6 Glen Barber freebsd_committer freebsd_triage 2011-09-03 17:17:13 UTC 
State Changed
From-To: feedback->open

Approved by maintainer.
Comment 7 dfilter service freebsd_committer freebsd_triage 2011-09-05 16:55:51 UTC 
eadler      2011-09-05 15:55:38 UTC

  FreeBSD ports repository

  Modified files:
    databases/mantis     Makefile distinfo pkg-plist 
    security/vuxml       vuln.xml 
  Log:
  - Update to 1.2.7
  
  PR:             ports/160368
  Submitted by:   gjb
  Approved by:    dvl (maintainer), bapt (mentor)
  Security:       CVE-2011-2938
  
  Revision  Changes    Path
  1.30      +1 -1      ports/databases/mantis/Makefile
  1.23      +2 -2      ports/databases/mantis/distinfo
  1.20      +19 -0     ports/databases/mantis/pkg-plist
  1.2436    +25 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 8 Eitan Adler freebsd_committer freebsd_triage 2011-09-05 18:41:20 UTC 
State Changed
From-To: open->closed

You got what you wanted.