phpbb 2.0.5 contains 2 serious problem: 1. SQL injection vulnerability in viewtopic.php (reference: http://www.phpbb.com/phpBB/viewtopic.php?t=112052) 2. potential vulnerability in admin/admin_styles.php (reference: http://www.phpbb.com/phpBB/viewtopic.php?t=113826) I must apologize that I just update phpbb to 2.0.5 but didn't fix those 2 vulnerability although I mention it in my last PR. ports/53691 http://www.freebsd.org/cgi/query-pr.cgi?pr=53691 :-( Fix: PORTNAME= phpbb PORTVERSION= 2.0.5 -#PORTREVISION= 1 +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -59,6 +59,8 @@ post-patch: @ ${REINPLACE_CMD} -e "s#\.\./templates#/${PHPBBURL}/templates#" \ ${WRKSRC}/docs/*.html + @ ${RM} ${WRKSRC}/viewtopic.php.orig + @ ${RM} ${WRKSRC}/admin/admin_styles.php.orig post-configure: @ ${SED} \ _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus--Kf0hPjvV4Ep1vLm1sl7toCyhvbaUVulVKOF8w18WTTzc9Htm Content-Type: text/plain; name="file.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="file.diff" --- Makefile.orig Sun Jul 6 23:19:39 2003 +++ Makefile Mon Jul 7 02:02:54 2003 @@ -7,7 +7,7 @@ How-To-Repeat: n/a
State Changed From-To: open->closed Committed, thanks!