[pkgsrc/trunk]: pkgsrc/www/drupal Update to 5.6

[adrianp <adrianp%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/885f0e4cbc2c
branches:  trunk
changeset: 537547:885f0e4cbc2c
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Fri Jan 11 12:37:11 2008 +0000

description:
Update to 5.6

This release fixes security vulnerabilities. Sites are urged to upgrade immediately. For more details, please see the security announcement:
SA-2008-005 - Drupal core - Cross site request forgery
SA-2008-006 - Drupal core - Cross site scripting (UTF8)
SA-2008-007 - Drupal core - Cross site scripting (register_globals)

In addition to this security vulnerability, the following bugs have been fixed since the 5.5 release:
173858 by Gábor Hojtsy: skip UTF-8 BOM when importing locale files
179164 by Heine: sort modules by name on the module admin page
199640 by webernet: (usability) add option to select no taxonomy term in multiselect forms, not to rely on browser trickery
199084 by chx: better conformance with ISO date formats in our xmlrpc code
173459 by Dave Cohen. Backport of #78487 by FredCK, forngren and bjaspan: document support in url() and l() and proper active class support for .
89218 by Gábor Hojtsy. Properly initialize a counter variable and fix poll editing.
64388 by Gábor Hojtsy. Add missing db_rewrite_sql(); not a security issue since it is a count() query.
200338 by m3avrck and quicksketch: fix transparent GIF resizing
194652 by Heine: specify explicit accept-charset for forms to avoid browser guessing
182410 by greggles: HTTP Basic authentication username and password was parsed in drupal_http_request() but then not used in the request
- Patch 201894 by David Rothstein: fixed typo in user output.
180126 by mmoreno, drewish and scor: add realpath() call to file_save_data(), so Windows will create temporary files properly
115689 by chx: new content types should not overwrite old ones. Backport by Pancho.
203727 by Arancaytar. More effectively use hook API.
204855 by webernet. Add missing * in documentation.
168315 by schuyler1d: previous active database name was not consistently returned in db_set_active()
- Patch 199955 by saxofaan: file_upload_max_size() returns results in bytes, not in mega bytes.
194579 patch by pwolanin: clear filter cache when allowed HTML tags configuration changes in an input format
#166433 by Ralf Stamm. Use correct menu item type for revsion confirm pages.
58806 by fwalch and wicksteedc. Do not override MENU_VISIBLE_IF_HAS_CHILDREN on editing.
Partial backport of 112715 to fix 124641.

Changes from 5.4 -> 5.5
Fixed missing missing brackets in a query in the user module.
Fixed taxonomy feed bug introduced by SA-2007-031

diffstat:

 www/drupal/Makefile |  4 ++--
 www/drupal/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (25 lines):

diff -r 3fdd73936fb5 -r 885f0e4cbc2c www/drupal/Makefile
--- a/www/drupal/Makefile       Fri Jan 11 12:01:46 2008 +0000
+++ b/www/drupal/Makefile       Fri Jan 11 12:37:11 2008 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.25 2007/12/05 23:16:19 adrianp Exp $
+# $NetBSD: Makefile,v 1.26 2008/01/11 12:37:11 adrianp Exp $
 
-DISTNAME=      drupal-5.4
+DISTNAME=      drupal-5.6
 CATEGORIES=    www
 MASTER_SITES=  http://drupal.org/files/projects/
 
diff -r 3fdd73936fb5 -r 885f0e4cbc2c www/drupal/distinfo
--- a/www/drupal/distinfo       Fri Jan 11 12:01:46 2008 +0000
+++ b/www/drupal/distinfo       Fri Jan 11 12:37:11 2008 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.18 2007/12/05 23:16:19 adrianp Exp $
+$NetBSD: distinfo,v 1.19 2008/01/11 12:37:11 adrianp Exp $
 
-SHA1 (drupal-5.4.tar.gz) = 76e08a766d36d24c4628f61aea47d8961064f29b
-RMD160 (drupal-5.4.tar.gz) = ed20245d804cbd2ff7670a164e61b5be6202600e
-Size (drupal-5.4.tar.gz) = 753584 bytes
+SHA1 (drupal-5.6.tar.gz) = 84d6d3ffa41696fb7c0733a519d8e1539fa342a0
+RMD160 (drupal-5.6.tar.gz) = edce977bcd679d61495f2869c0e1b9f07afed838
+Size (drupal-5.6.tar.gz) = 754408 bytes