[pkgsrc/trunk]: pkgsrc/www/contao35 www/contao35: update to 3.5.32

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/baea3c43db32
branches:  trunk
changeset: 374255:baea3c43db32
user:      taca <taca%pkgsrc.org@localhost>
date:      Thu Jan 18 16:13:31 2018 +0000

description:
www/contao35: update to 3.5.32

Contao 3.5.32 is available              2018/01/18 09:48 by Leo Feyer

Contao version 3.5.32 is available. The bugfix release fixes an XSS
vulnerability in the newsletter extension (CVE-2018-5478).

CVE-2018-5478

The vulnerability is in the "unsubscribe" module of the newsletter extension
and can easily be exploited by anyone in the front end. We therefore strongly
recommend you to update.

The problem affects Contao 2.0.0 to 3.5.31 and the Contao newsletter bundle
4.0.0 to 4.0.3.

If you are not using the newsletter extension or the "unsubscribe" module,
your installation is not affected by the vulnerability.

diffstat:

 www/contao35/Makefile |   4 ++--
 www/contao35/PLIST    |   3 ++-
 www/contao35/distinfo |  10 +++++-----
 3 files changed, 9 insertions(+), 8 deletions(-)

diffs (50 lines):

diff -r 77c1d18f6076 -r baea3c43db32 www/contao35/Makefile
--- a/www/contao35/Makefile     Thu Jan 18 14:39:59 2018 +0000
+++ b/www/contao35/Makefile     Thu Jan 18 16:13:31 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.35 2017/11/15 14:07:53 taca Exp $
+# $NetBSD: Makefile,v 1.36 2018/01/18 16:13:31 taca Exp $
 #
 
 DISTNAME=      contao-${CT_PKGVER}
@@ -20,7 +20,7 @@
 DEPENDS+=      ${PHP_PKG_PREFIX}-curl>=5.4.0:../../www/php-curl
 DEPENDS+=      ${PHP_PKG_PREFIX}-zlib>=5.4.0:../../archivers/php-zlib
 
-CT_VERSION=    3.5.31
+CT_VERSION=    3.5.32
 USE_TOOLS=     bash:run pax
 NO_BUILD=      yes
 FILESDIR?=     ${.CURDIR}/files
diff -r 77c1d18f6076 -r baea3c43db32 www/contao35/PLIST
--- a/www/contao35/PLIST        Thu Jan 18 14:39:59 2018 +0000
+++ b/www/contao35/PLIST        Thu Jan 18 16:13:31 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.17 2017/11/15 14:07:53 taca Exp $
+@comment $NetBSD: PLIST,v 1.18 2018/01/18 16:13:31 taca Exp $
 ${CT_WEBDIR}/.htaccess.default
 ${CT_WEBDIR}/README.md
 ${CT_WEBDIR}/assets/ace/1.1.9/ace.js
@@ -3329,6 +3329,7 @@
 ${CT_WEBDIR}/vendor/matthiasmullie/path-converter/src/Converter.php
 ${CT_WEBDIR}/vendor/matthiasmullie/path-converter/src/ConverterInterface.php
 ${CT_WEBDIR}/vendor/matthiasmullie/path-converter/src/NoConverter.php
+${CT_WEBDIR}/vendor/michelf/php-markdown/.gitignore
 ${CT_WEBDIR}/vendor/michelf/php-markdown/License.md
 ${CT_WEBDIR}/vendor/michelf/php-markdown/Michelf/Markdown.inc.php
 ${CT_WEBDIR}/vendor/michelf/php-markdown/Michelf/Markdown.php
diff -r 77c1d18f6076 -r baea3c43db32 www/contao35/distinfo
--- a/www/contao35/distinfo     Thu Jan 18 14:39:59 2018 +0000
+++ b/www/contao35/distinfo     Thu Jan 18 16:13:31 2018 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.27 2017/11/15 14:07:53 taca Exp $
+$NetBSD: distinfo,v 1.28 2018/01/18 16:13:31 taca Exp $
 
-SHA1 (contao-3.5.31.tar.gz) = 26b37675d0dd99337118ba3b20e4099c41b46e4e
-RMD160 (contao-3.5.31.tar.gz) = 03d03f064e0b3353767672ac3648c5cf5eff489c
-SHA512 (contao-3.5.31.tar.gz) = eecb648e29f551dc9feaadd5cd1b9c767bd84bea1d2dfdcbe7094f74c2c6a76d4d73a8d55607b87ef84c6e4401e2d6956bbd690196fe04cd3934d0f876e46ff7
-Size (contao-3.5.31.tar.gz) = 11232968 bytes
+SHA1 (contao-3.5.32.tar.gz) = a6a6545e2b00694142456c9e8186aa364034aa09
+RMD160 (contao-3.5.32.tar.gz) = a3be11d82ccad03e57e056a70217d36306ac6a74
+SHA512 (contao-3.5.32.tar.gz) = 4db785761b50acd46b049e045aa1ff8f9d88ac5068e5616c33f7de17d4ea37d70ac7b10e37e08a9629e7e2d29ce07ad1254c648576bee10980449e0ca94c8f21
+Size (contao-3.5.32.tar.gz) = 11233051 bytes