[pkgsrc/trunk]: pkgsrc/www/contao44 www/contao44: update to 4.4.18

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/contao44 www/contao44: update to 4.4.18
From: taca <taca%pkgsrc.org@localhost>
Date: Mon, 23 Apr 2018 15:52:59 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/c4c6b9899e2b
branches:  trunk
changeset: 306708:c4c6b9899e2b
user:      taca <taca%pkgsrc.org@localhost>
date:      Mon Apr 23 14:19:00 2018 +0000
description:
www/contao44: update to 4.4.18

Contao 4.4.17 (2018-04-04)

Contao version 4.4.17 is available.  The bugfix release fixes a few minor
issues including a problem with rendering custom layout sections.


Contao 4.4.18 (2018-04-18)

Contao version 4.4.18 is available.  The bugfix release fixes an XSS
vulnerability in the system log of the back end (CVE-2018-10125).

CVE-2018-10125

With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log.  The attacker themselves
does not have to be logged in.

The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.

diffstat:

 www/contao44/Makefile |   4 +-
 www/contao44/PLIST    |  63 +++-----------------------------------------------
 www/contao44/distinfo |  10 ++++----
 3 files changed, 11 insertions(+), 66 deletions(-)

diffs (145 lines):

diff -r ca64a895b8b8 -r c4c6b9899e2b www/contao44/Makefile
--- a/www/contao44/Makefile     Mon Apr 23 14:00:44 2018 +0000
+++ b/www/contao44/Makefile     Mon Apr 23 14:19:00 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.17 2018/03/09 14:12:33 taca Exp $
+# $NetBSD: Makefile,v 1.18 2018/04/23 14:19:00 taca Exp $
 #
 
 DISTNAME=      contao-${CT_PKGVER}
@@ -22,7 +22,7 @@
 DEPENDS+=      ${PHP_PKG_PREFIX}-curl>=5.6:../../www/php-curl
 DEPENDS+=      ${PHP_PKG_PREFIX}-zlib>=5.6:../../archivers/php-zlib
 
-CT_VERSION=    4.4.16
+CT_VERSION=    4.4.18
 USE_TOOLS=     bash:run pax
 NO_BUILD=      yes
 
diff -r ca64a895b8b8 -r c4c6b9899e2b www/contao44/PLIST
--- a/www/contao44/PLIST        Mon Apr 23 14:00:44 2018 +0000
+++ b/www/contao44/PLIST        Mon Apr 23 14:19:00 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.14 2018/03/06 16:26:28 taca Exp $
+@comment $NetBSD: PLIST,v 1.15 2018/04/23 14:19:00 taca Exp $
 ${CT_WEBDIR}/README.md
 ${CT_WEBDIR}/assets/ace/README.md
 ${CT_WEBDIR}/assets/ace/composer.json
@@ -650,6 +650,7 @@
 ${CT_WEBDIR}/vendor/contao-components/installer/.gitignore
 ${CT_WEBDIR}/vendor/contao-components/installer/.php_cs.dist
 ${CT_WEBDIR}/vendor/contao-components/installer/.travis.yml
+${CT_WEBDIR}/vendor/contao-components/installer/LICENSE
 ${CT_WEBDIR}/vendor/contao-components/installer/README.md
 ${CT_WEBDIR}/vendor/contao-components/installer/composer.json
 ${CT_WEBDIR}/vendor/contao-components/installer/phpunit.xml.dist
@@ -1400,34 +1401,6 @@
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/cs/tl_undo.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/cs/tl_user.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/cs/tl_user_group.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/countries.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/default.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/exception.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/explain.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/languages.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/modules.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_article.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_content.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_files.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_form.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_form_field.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_image_size.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_image_size_item.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_layout.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_log.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_maintenance.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_member.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_member_group.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_module.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_page.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_settings.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_style.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_style_sheet.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_templates.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_theme.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_undo.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_user.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/da/tl_user_group.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/de/countries.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/de/default.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/de/exception.xlf
@@ -1764,34 +1737,6 @@
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/ru/tl_undo.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/ru/tl_user.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/ru/tl_user_group.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/countries.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/default.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/exception.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/explain.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/languages.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/modules.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_article.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_content.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_files.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_form.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_form_field.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_image_size.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_image_size_item.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_layout.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_log.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_maintenance.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_member.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_member_group.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_module.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_page.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_settings.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_style.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_style_sheet.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_templates.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_theme.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_undo.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_user.xlf
-${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sl/tl_user_group.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sr/countries.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sr/default.xlf
 ${CT_WEBDIR}/vendor/contao/core-bundle/src/Resources/contao/languages/sr/exception.xlf
@@ -2886,8 +2831,6 @@
 ${CT_WEBDIR}/vendor/contao/listing-bundle/src/ContaoManager/Plugin.php
 ${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/.editorconfig
 ${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/.php_cs.dist
-${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/config/autoload.ini
-${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/config/autoload.php
 ${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/config/config.php
 ${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/config/ide_compat.php
 ${CT_WEBDIR}/vendor/contao/listing-bundle/src/Resources/contao/dca/tl_module.php
@@ -3951,6 +3894,7 @@
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/resources/config/varnish/fos_debug.vcl
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/resources/config/varnish/fos_purge.vcl
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/resources/config/varnish/fos_refresh.vcl
+${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/resources/config/varnish/fos_tags_xkey.vcl
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/resources/config/varnish/fos_user_context.vcl
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/resources/config/varnish/fos_user_context_url.vcl
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/CacheInvalidator.php
@@ -3992,6 +3936,7 @@
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/SymfonyCache/UserContextListener.php
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/TagHeaderFormatter/CommaSeparatedTagHeaderFormatter.php
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/TagHeaderFormatter/TagHeaderFormatter.php
+${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/UserContext/AnonymousRequestMatcher.php
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/UserContext/ContextProvider.php
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/UserContext/DefaultHashGenerator.php
 ${CT_WEBDIR}/vendor/friendsofsymfony/http-cache/src/UserContext/HashGenerator.php
diff -r ca64a895b8b8 -r c4c6b9899e2b www/contao44/distinfo
--- a/www/contao44/distinfo     Mon Apr 23 14:00:44 2018 +0000
+++ b/www/contao44/distinfo     Mon Apr 23 14:19:00 2018 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.15 2018/03/09 14:12:33 taca Exp $
+$NetBSD: distinfo,v 1.16 2018/04/23 14:19:00 taca Exp $
 
-SHA1 (contao-4.4.16.tar.gz) = 16e27a3f5b3e08dd4b7b8a7e14bd0ff1ae438e1b
-RMD160 (contao-4.4.16.tar.gz) = e864eab1e59a07e34803f8f0da9e96c35ef9fee6
-SHA512 (contao-4.4.16.tar.gz) = ffcc979f0a7071dba0d54e8111c561895b4704db8b776f2c8616c2f5027ef55aa22efd5198a13287eefe42b1aab691df628e5e2f085dd7520cd60a1f8a68af9a
-Size (contao-4.4.16.tar.gz) = 31406014 bytes
+SHA1 (contao-4.4.18.tar.gz) = 184687abd1b52e1fae9fa2768e98e61c0f5df2fb
+RMD160 (contao-4.4.18.tar.gz) = 9b1818ad5fb08a29fba2c50e203b1a266459b972
+SHA512 (contao-4.4.18.tar.gz) = 0b6d036d7adfba010f846891e4af521ad6736742475010a64e101dd47b41628a7cabcd7a4f39256a5d7133afcfb1d448308c978b49be7e919d072fdfbf568e35
+Size (contao-4.4.18.tar.gz) = 31235368 bytes
Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated www/contao45 to 4.5.8
Next by Date: [pkgsrc/trunk]: pkgsrc/textproc/discount Accomplish libtoolizati...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated www/contao45 to 4.5.8
Next by Thread: [pkgsrc/trunk]: pkgsrc/textproc/discount Accomplish libtoolizati...
Indexes:
Home | Main Index | Thread Index | Old Index