Created attachment 162383 [details] Patch to update Drupal 7.40 to 7.41 Updates Drupal 7.40 to 7.41. https://www.drupal.org/drupal-7.41-release-notes Release notes Maintenance and security release of the Drupal 7 series. This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement: Drupal Core - Overlay - Less Critical - Open Redirect - SA-CORE-2015-004 No other fixes are included. No changes have been made to the .htaccess, web.config, robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary. Known issues: None.
Reset merge quarterly. Set merge quarterly to + when committed, else set to - to reject (not needed, not approved)
Created attachment 162403 [details] Output from portlint -A Warnings noted for .info files do not apply because drupal .info files are static text file for defining and configuring a theme.
A commit references this bug: Author: junovitch Date: Sat Oct 24 03:55:26 UTC 2015 New revision: 400101 URL: https://svnweb.freebsd.org/changeset/ports/400101 Log: Document redirect vulnerability in the drupal7 overlay module PR: 203977 Security: CVE-2015-7943 Security: https://vuxml.FreeBSD.org/freebsd/75f39413-7a00-11e5-a2a1-002590263bf5.html Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: junovitch Date: Sat Oct 24 03:57:08 UTC 2015 New revision: 400102 URL: https://svnweb.freebsd.org/changeset/ports/400102 Log: www/drupal7: security update 7.40 -> 7.41 [1] - While here also add NO_ARCH PR: 203977 Submitted by: Simon Wright <simon.wright@gmx.net> (maintainer) [1] Security: CVE-2015-7943 Security: https://vuxml.FreeBSD.org/freebsd/75f39413-7a00-11e5-a2a1-002590263bf5.html MFH: 2015Q4 X-MFH-With: r399526 Changes: head/www/drupal7/Makefile head/www/drupal7/distinfo
A commit references this bug: Author: junovitch Date: Sat Oct 24 04:04:13 UTC 2015 New revision: 400103 URL: https://svnweb.freebsd.org/changeset/ports/400103 Log: MFH: r399526, r400102 r399526 Update to 7.40. PR: ports/203829 Submitted by: Simon Wright (maintainer) r400102 www/drupal7: security update 7.40 -> 7.41 [1] - While here also add NO_ARCH PR: 203977 Submitted by: Simon Wright <simon.wright@gmx.net> (maintainer) [1] Security: CVE-2015-7943 Security: https://vuxml.FreeBSD.org/freebsd/75f39413-7a00-11e5-a2a1-002590263bf5.html Approved by: ports-secteam (delphij) Changes: _U branches/2015Q4/ branches/2015Q4/www/drupal7/Makefile branches/2015Q4/www/drupal7/distinfo branches/2015Q4/www/drupal7/pkg-plist
Thanks again for your prompt work Simon! The update was committed and the PR as now closed. Also set merge-quarterly+ again. Koobs, based on the context, much as the maintainer set maintainer-approval+ to show he approved the change I applied Xin setting merge-quarterly+ as the change is approved for MFH (following an obvious review and QA).