pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2008Q4] pkgsrc/www/typo3

Module Name:    pkgsrc
Committed By:   tron
Date:           Thu Jan 22 11:23:11 UTC 2009

Modified Files:
        pkgsrc/www/typo3 [pkgsrc-2008Q4]: Makefile PLIST distinfo
Added Files:
        pkgsrc/www/typo3 [pkgsrc-2008Q4]: MESSAGE

Log Message:
Pullup ticket #2648 - requested by taca
typo3: security update

Revisions pulled up:
- www/typo3/MESSAGE                     1.1
- www/typo3/Makefile                    1.10
- www/typo3/PLIST                       1.5
- www/typo3/distinfo                    1.5
Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Jan 21 13:10:05 UTC 2009

Modified Files:
        pkgsrc/www/typo3: Makefile PLIST distinfo
Added Files:
        pkgsrc/www/typo3: MESSAGE

Log Message:
Update www/typo3 package to 4.2.4.

This update contains security fixes and please refer ChangeLog file
for full changes.

1. System extension Install tool (install)

        Insecure Randomness

2. Authentication library

        Broken Authentication and Session Management

3. System extension Indexed Search Engine (indexed_search)

        Cross-Site Scripting, Remote Command Execution

4. System extension ADOdb (adodb)

        Cross-Site Scripting

5. Workspace module

        Cross-Site Scripting

After update, you will need to create a new encryption key.

(1) Upgrade to the new TYPO3 version.
(2) Clear the configuration cache
(3) Open the install tool and choose menu 1 ("Basic Configuration").
(4) Scroll to the bottom of the page and click on the button
    "Generate random key".
(5) Submit the form by clicking on "Update localconf.php".
(6) Clear the configuration and page cache again.

To generate a diff of this commit:
cvs rdiff -r0 -r1.1.2.2 pkgsrc/www/typo3/MESSAGE
cvs rdiff -r1.9 -r1.9.2.1 pkgsrc/www/typo3/Makefile
cvs rdiff -r1.4 -r1.4.2.1 pkgsrc/www/typo3/PLIST pkgsrc/www/typo3/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index