Bug 203401 - www/codeigniter: security/vuxml: security update 2.1.4 -> 2.2.4 (multiple vulnerabilities)
Summary: www/codeigniter: security/vuxml: security update 2.1.4 -> 2.2.4 (multiple vul...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Jason Unovitch
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2015-09-28 00:59 UTC by Jason Unovitch
Modified: 2015-09-28 22:21 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (appleboy.tw)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jason Unovitch freebsd_committer 2015-09-28 00:59:16 UTC
https://codeigniter.com/userguide2/changelog.html
Comment 1 commit-hook freebsd_committer 2015-09-28 01:09:54 UTC
A commit references this bug:

Author: junovitch
Date: Mon Sep 28 01:09:13 UTC 2015
New revision: 398068
URL: https://svnweb.freebsd.org/changeset/ports/398068

Log:
  Document multiple vulnerabilities in CodeIgniter

  PR:		203401
  Security:	5114cd11-6571-11e5-9909-002590263bf5
  Security:	01bce4c6-6571-11e5-9909-002590263bf5
  Security:	c21f4e61-6570-11e5-9909-002590263bf5
  Security:	f838dcb4-656f-11e5-9909-002590263bf5
  Security:	b7d785ea-656d-11e5-9909-002590263bf5

Changes:
  head/security/vuxml/vuln.xml
Comment 2 commit-hook freebsd_committer 2015-09-28 01:14:55 UTC
A commit references this bug:

Author: junovitch
Date: Mon Sep 28 01:14:09 UTC 2015
New revision: 398069
URL: https://svnweb.freebsd.org/changeset/ports/398069

Log:
  www/codeigniter: security update 2.1.4 -> 2.2.4 [1]

  - Add NO_ARCH
  - Add mcrypt to USE_PHP (2.2.0+ requirement) and sort USE_PHP
  - Remove hard coded PHP_DEFAULT= 5.4 [2]
  - Sort OPTIONS_DEFINE, fix malformed ODBC_DESC, fix sqlite3 dependency
  - Update pkg-descr text to match http://www.codeigniter.com/
  - Update WWW to http://www.codeigniter.com/

  PR:		203401 [1]
  PR:		200945 [2]
  Reported by:	allanjude [2]
  Approved by:	maintainer timeout (15 months since 2.2.0 security update) [1]
  Approved by:	maintainer timeout (3 months) [2]
  Security:	5114cd11-6571-11e5-9909-002590263bf5
  Security:	01bce4c6-6571-11e5-9909-002590263bf5
  Security:	c21f4e61-6570-11e5-9909-002590263bf5
  Security:	f838dcb4-656f-11e5-9909-002590263bf5
  MFH:		2015Q3

Changes:
  head/www/codeigniter/Makefile
  head/www/codeigniter/distinfo
  head/www/codeigniter/pkg-descr
  head/www/codeigniter/pkg-plist
Comment 3 Jason Unovitch freebsd_committer 2015-09-28 01:34:42 UTC
CC ports-secteam@ after the fact to aid tracking.  Had I named the PR properly initially that would have been done.

No actions needed pending MFH approval and closure after that.
Comment 4 commit-hook freebsd_committer 2015-09-28 22:04:47 UTC
A commit references this bug:

Author: junovitch
Date: Mon Sep 28 22:04:00 UTC 2015
New revision: 398149
URL: https://svnweb.freebsd.org/changeset/ports/398149

Log:
  MFH: r398069

  www/codeigniter: security update 2.1.4 -> 2.2.4 [1]

  - Add NO_ARCH
  - Add mcrypt to USE_PHP (2.2.0+ requirement) and sort USE_PHP
  - Remove hard coded PHP_DEFAULT= 5.4 [2]
  - Sort OPTIONS_DEFINE, fix malformed ODBC_DESC, fix sqlite3 dependency
  - Update pkg-descr text to match http://www.codeigniter.com/
  - Update WWW to http://www.codeigniter.com/

  PR:		203401 [1]
  PR:		200945 [2]
  Reported by:	allanjude [2]
  Approved by:	maintainer timeout (15 months since 2.2.0 security update) [1]
  Approved by:	maintainer timeout (3 months) [2]
  Approved by:	ports-secteam (feld)
  Security:	5114cd11-6571-11e5-9909-002590263bf5
  Security:	01bce4c6-6571-11e5-9909-002590263bf5
  Security:	c21f4e61-6570-11e5-9909-002590263bf5
  Security:	f838dcb4-656f-11e5-9909-002590263bf5

Changes:
_U  branches/2015Q3/
  branches/2015Q3/www/codeigniter/Makefile
  branches/2015Q3/www/codeigniter/distinfo
  branches/2015Q3/www/codeigniter/pkg-descr
  branches/2015Q3/www/codeigniter/pkg-plist