Subject: CVS commit: [pkgsrc-2006Q1] pkgsrc/devel/mantis
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 05/01/2006 21:56:15
Module Name: pkgsrc
Committed By: salo
Date: Mon May 1 21:56:15 UTC 2006
Modified Files:
pkgsrc/devel/mantis [pkgsrc-2006Q1]: Makefile PLIST distinfo
Log Message:
Pullup ticket 1490 - requested by adrianp
security update for mantis
Revisions pulled up:
- pkgsrc/devel/mantis/Makefile 1.20
- pkgsrc/devel/mantis/PLIST 1.7
- pkgsrc/devel/mantis/distinfo 1.7
Module Name: pkgsrc
Committed By: adrianp
Date: Mon May 1 13:00:40 UTC 2006
Modified Files:
pkgsrc/devel/mantis: Makefile PLIST distinfo
Log Message:
Update to 1.0.2
> 2006.04.18 - 1.0.2
> - 0006902: [security] XSS in mantis bug track system .... (thraxisp)
> - 0006859: [bugtracker] Can send reminders to all recipients (thraxisp)
>
> 2006.02.18 - 1.0.1
> - 0006722: [installation] Remaining mysqli_ install problems (ref.
> #0006672): my sqli_real_escape_string() expects parameter
> 1 to be link (thraxisp)
> - 0006672: [installation] install.php assumes mysql extension, fails
> with mysqli extension (thraxisp)
> - 0006668: [filters] Parse error while saving new filter: Call to
> undefined function: string_strip_tags() (thraxisp)
>
> 2006.02.04 - 1.0.0
> - 0006044: [security] 'Return' _GET is not checked (thraxisp)
> - 0006650: [security] ADOdb can be exploited to execute arbitrary SQL
> code (vboctor)
> - 0006659: [security] Cross site scripting vulnerability (thraxisp)
> - 0006634: [filters] Filter does not work with profiles (vboctor)
To generate a diff of this commit:
cvs rdiff -r1.18 -r1.18.2.1 pkgsrc/devel/mantis/Makefile
cvs rdiff -r1.6 -r1.6.4.1 pkgsrc/devel/mantis/PLIST
cvs rdiff -r1.6 -r1.6.2.1 pkgsrc/devel/mantis/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.