pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/33941: www/trac 0.9.5 have breach of privacy and denial of service vulnerability, should update to 0.9.6



>Number:         33941
>Category:       pkg
>Synopsis:       www/trac 0.9.5 have breach of privacy and denial of service 
>vulnerability, should update to 0.9.6
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Fri Jul 07 17:10:00 +0000 2006
>Originator:     OBATA Akio
>Release:        NetBSD 3.0.0_STABLE
>Organization:
        LINS, Japan.
>Environment:
System: NetBSD miki.lins.jp 3.0.0_STABLE NetBSD 3.0.0_STABLE (MIKI) #17: Fri 
Jun 16 20:50:15 JST 2006 
obata%miki.lins.jp@localhost:/usr/src/sys/arch/i386/compile/MIKI i386
Architecture: i386
Machine: i386
>Description:
        from ChangeLog:

        Trac 0.9.6  (Jul 6, 2006)
        http://svn.edgewall.com/repos/trac/tags/trac-0.9.6

         * Fixed reStructuredText breach of privacy and denial of service 
vulnerability
           found by Felix Wiemann.
         * trac-post-commit-hook fixes.
         * Fixed bugs: #2894, #3058, #3209 #3325.


>How-To-Repeat:
        N/A
>Fix:
        Here is a patch for update.

Index: www/trac/Makefile
===================================================================
RCS file: /home/cvsroot/NetBSD/pkgsrc/www/trac/Makefile,v
retrieving revision 1.19
diff -u -r1.19 Makefile
--- www/trac/Makefile   26 Apr 2006 16:08:20 -0000      1.19
+++ www/trac/Makefile   7 Jul 2006 16:51:51 -0000
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.19 2006/04/26 16:08:20 salo Exp $
 #
 
-DISTNAME=      trac-0.9.5
+DISTNAME=      trac-0.9.6
 CATEGORIES=    devel www
 MASTER_SITES=  http://ftp.edgewall.com/pub/trac/ \
                ftp://ftp.edgewall.com/pub/trac/
Index: www/trac/distinfo
===================================================================
RCS file: /home/cvsroot/NetBSD/pkgsrc/www/trac/distinfo,v
retrieving revision 1.14
diff -u -r1.14 distinfo
--- www/trac/distinfo   26 Apr 2006 16:08:20 -0000      1.14
+++ www/trac/distinfo   7 Jul 2006 16:52:27 -0000
@@ -1,6 +1,6 @@
 $NetBSD: distinfo,v 1.14 2006/04/26 16:08:20 salo Exp $
 
-SHA1 (trac-0.9.5.tar.gz) = c96b9c8a123699330c33ad6985713edde5a997ff
-RMD160 (trac-0.9.5.tar.gz) = b63931da6341783af8e221d3dad962462dc5f286
-Size (trac-0.9.5.tar.gz) = 339170 bytes
+SHA1 (trac-0.9.6.tar.gz) = b64b193ec014113341f493149e0de2876a32fc7d
+RMD160 (trac-0.9.6.tar.gz) = 3bf086f8c5a6b3b7d6584359dbc916f6ee61dfdc
+Size (trac-0.9.6.tar.gz) = 339647 bytes
 SHA1 (patch-aa) = 5d8c1c3e5416e73d6cc24a5a45d4ec7afdc4a095




Home | Main Index | Thread Index | Old Index