This release includes several SECURITY FIXES that address weaknesses in the Gallery code that can lead to a REMOTE EXPLOIT.
Cleaned up a minor pkg-plist error as well.
I'm looking at this.
> -%%PORTDOCS%%@dirrm share/doc/gallery
> +@dirrm %%PORTDOCS%%share/doc/gallery
This change might be incorrect. At least, I looked at several other ports
and they use the same syntax that the existing gallery port does.
Thank you for the PR. I've updated your port. Please synchronize
your pkg-plist with the one in CVS, because yours is not sorted
When upgrading from version 1.3, I had to do:
# chown www.wheel /usr/local/www/data-dist/gallery/config.php
# chown www.wheel /usr/local/www/data-dist/gallery/.htaccess
Probably the port should do this itself. Do you have any objection?