pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2007Q3]: pkgsrc/mail/squirrelmail Pullup ticket 2246 - request...
details: https://anonhg.NetBSD.org/pkgsrc/rev/40f99e0df005
branches: pkgsrc-2007Q3
changeset: 534062:40f99e0df005
user: ghen <ghen%pkgsrc.org@localhost>
date: Mon Dec 17 15:38:54 2007 +0000
description:
Pullup ticket 2246 - requested by martti
security update for squirrelmail
- pkgsrc/mail/squirrelmail/Makefile 1.96, 1.97
- pkgsrc/mail/squirrelmail/PLIST 1.25
- pkgsrc/mail/squirrelmail/distinfo 1.45, 1.46
- pkgsrc/mail/squirrelmail/options.mk 1.7
Module Name: pkgsrc
Committed By: martti
Date: Fri Dec 14 20:44:35 UTC 2007
Modified Files:
pkgsrc/mail/squirrelmail: Makefile PLIST distinfo
Log Message:
Updated mail/squirrelmail to 1.4.13
(pkgsrc notice: we were using the original, known-to-be-good 1.4.12
distfile so all your servers should be fine)
Due to the package compromise of 1.4.11, and 1.4.12, we are forced to
release 1.4.13 to ensure no confusions. While initial review didn't
uncover a need for concern, several proof of concepts show that the
package alterations introduce a high risk security issue, allowing
remote inclusion of files. These changes would allow a remote user the
ability to execute exploit code on a victim machine, without any user
interaction on the victim's server. This could grant the attacker the
ability to deploy further code on the victim's server.
We *STRONGLY* advise all users of 1.4.11, and 1.4.12 upgrade
immediately.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Dec 15 13:58:12 UTC 2007
Modified Files:
pkgsrc/mail/squirrelmail: Makefile distinfo options.mk
Log Message:
Catch up squirrelmail-japanese patch to 1.4.12-ja-20071205.
Bump PKG_REVISION.
diffstat:
mail/squirrelmail/Makefile | 6 +++---
mail/squirrelmail/PLIST | 3 ++-
mail/squirrelmail/distinfo | 14 +++++++-------
mail/squirrelmail/options.mk | 8 ++++----
4 files changed, 16 insertions(+), 15 deletions(-)
diffs (77 lines):
diff -r cf81b77422e5 -r 40f99e0df005 mail/squirrelmail/Makefile
--- a/mail/squirrelmail/Makefile Mon Dec 17 15:26:47 2007 +0000
+++ b/mail/squirrelmail/Makefile Mon Dec 17 15:38:54 2007 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.92.2.1 2007/12/05 07:31:12 ghen Exp $
+# $NetBSD: Makefile,v 1.92.2.2 2007/12/17 15:38:54 ghen Exp $
-DISTNAME= squirrelmail-1.4.12
-#PKGREVISION= 1
+DISTNAME= squirrelmail-1.4.13
+PKGREVISION= 1
CATEGORIES= mail www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=squirrelmail/}
EXTRACT_SUFX= .tar.bz2
diff -r cf81b77422e5 -r 40f99e0df005 mail/squirrelmail/PLIST
--- a/mail/squirrelmail/PLIST Mon Dec 17 15:26:47 2007 +0000
+++ b/mail/squirrelmail/PLIST Mon Dec 17 15:38:54 2007 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.23.2.1 2007/12/05 07:31:12 ghen Exp $
+@comment $NetBSD: PLIST,v 1.23.2.2 2007/12/17 15:38:55 ghen Exp $
man/man8/squirrelmail-conf.pl.8
share/examples/squirrelmail/squirrelmail.conf
share/squirrelmail/AUTHORS
@@ -58,6 +58,7 @@
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.10a.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.11.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.12.txt
+share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.13.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.2.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.3.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.3a.txt
diff -r cf81b77422e5 -r 40f99e0df005 mail/squirrelmail/distinfo
--- a/mail/squirrelmail/distinfo Mon Dec 17 15:26:47 2007 +0000
+++ b/mail/squirrelmail/distinfo Mon Dec 17 15:38:54 2007 +0000
@@ -1,12 +1,12 @@
-$NetBSD: distinfo,v 1.42.2.2 2007/12/06 10:36:33 ghen Exp $
+$NetBSD: distinfo,v 1.42.2.3 2007/12/17 15:38:55 ghen Exp $
SHA1 (squirrelmail-1.4.11-lite-20071003-patch.bz2) = 8823810ca00ab5510a48db78826112a9482d1895
RMD160 (squirrelmail-1.4.11-lite-20071003-patch.bz2) = 98649a1639567bb6669e9cfc0ca8b0743ebfb46e
Size (squirrelmail-1.4.11-lite-20071003-patch.bz2) = 1800 bytes
-SHA1 (squirrelmail-1.4.12-ja-20071205-patch.gz) = 16de8fb72ce13cf302279772eb0d3df84e409b3f
-RMD160 (squirrelmail-1.4.12-ja-20071205-patch.gz) = fac415d26cfc5d297f927830b1fd8704e0b5b189
-Size (squirrelmail-1.4.12-ja-20071205-patch.gz) = 7739 bytes
-SHA1 (squirrelmail-1.4.12.tar.bz2) = cf5c716fe2b356bafa0aa10ebdb9980339c3a0cb
-RMD160 (squirrelmail-1.4.12.tar.bz2) = a25130f4eab2a84914f021a7baa432383f7ef551
-Size (squirrelmail-1.4.12.tar.bz2) = 496632 bytes
+SHA1 (squirrelmail-1.4.13-ja-20071215-patch.gz) = d25052da58254b6d7132028588fbd4ba5208bf5f
+RMD160 (squirrelmail-1.4.13-ja-20071215-patch.gz) = 2ef11134e65a2673027c5b00aef373269c92f6ab
+Size (squirrelmail-1.4.13-ja-20071215-patch.gz) = 11925 bytes
+SHA1 (squirrelmail-1.4.13.tar.bz2) = cbc101076dfde6f78e871133fc6a17b5d3aa0edb
+RMD160 (squirrelmail-1.4.13.tar.bz2) = d2d27c9e2fe6225833da15981b9d6881ce55fc6d
+Size (squirrelmail-1.4.13.tar.bz2) = 497103 bytes
SHA1 (patch-aa) = 6f48193a3b4ee86e85afcc66e2299ecbfe375796
diff -r cf81b77422e5 -r 40f99e0df005 mail/squirrelmail/options.mk
--- a/mail/squirrelmail/options.mk Mon Dec 17 15:26:47 2007 +0000
+++ b/mail/squirrelmail/options.mk Mon Dec 17 15:38:54 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.5.2.1 2007/12/06 10:36:33 ghen Exp $
+# $NetBSD: options.mk,v 1.5.2.2 2007/12/17 15:38:56 ghen Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.squirrelmail
PKG_SUPPORTED_OPTIONS= squirrelmail-japanese squirrelmail-lite
@@ -6,10 +6,10 @@
.include "../../mk/bsd.options.mk"
.if !empty(PKG_OPTIONS:Msquirrelmail-japanese)
-PATCHFILES+= squirrelmail-1.4.12-ja-20071205-patch.gz
-SITES.squirrelmail-1.4.12-ja-20071205-patch.gz= \
+PATCHFILES+= squirrelmail-1.4.13-ja-20071215-patch.gz
+SITES.squirrelmail-1.4.13-ja-20071215-patch.gz= \
http://www.yamaai-tech.com/~masato/Download/
-PATCH_DIST_STRIP.squirrelmail-1.4.12-ja-20071205-patch.gz= -p1
+PATCH_DIST_STRIP.squirrelmail-1.4.13-ja-20071215-patch.gz= -p1
.endif
Home |
Main Index |
Thread Index |
Old Index