[pkgsrc/trunk]: pkgsrc/www/contao35 www/contao35: update to 3.5.35

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/f8ed33498817
branches:  trunk
changeset: 379144:f8ed33498817
user:      taca <taca%pkgsrc.org@localhost>
date:      Mon Apr 23 14:00:17 2018 +0000

description:
www/contao35: update to 3.5.35

Version 3.5.35 (2018-04-18)
---------------------------

### Fixed
Fix an XSS vulnerability in the system log (see CVE-2018-10125).

CVE-2018-10125

With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log.  The attacker themselves
does not have to be logged in.

The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.

diffstat:

 www/contao35/Makefile |   4 ++--
 www/contao35/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (33 lines):

diff -r 820ea8887c69 -r f8ed33498817 www/contao35/Makefile
--- a/www/contao35/Makefile     Mon Apr 23 13:56:58 2018 +0000
+++ b/www/contao35/Makefile     Mon Apr 23 14:00:17 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.38 2018/03/06 16:25:38 taca Exp $
+# $NetBSD: Makefile,v 1.39 2018/04/23 14:00:17 taca Exp $
 #
 
 DISTNAME=      contao-${CT_PKGVER}
@@ -20,7 +20,7 @@
 DEPENDS+=      ${PHP_PKG_PREFIX}-curl>=5.4.0:../../www/php-curl
 DEPENDS+=      ${PHP_PKG_PREFIX}-zlib>=5.4.0:../../archivers/php-zlib
 
-CT_VERSION=    3.5.34
+CT_VERSION=    3.5.35
 USE_TOOLS=     bash:run pax
 NO_BUILD=      yes
 FILESDIR?=     ${.CURDIR}/files
diff -r 820ea8887c69 -r f8ed33498817 www/contao35/distinfo
--- a/www/contao35/distinfo     Mon Apr 23 13:56:58 2018 +0000
+++ b/www/contao35/distinfo     Mon Apr 23 14:00:17 2018 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.30 2018/03/06 16:25:38 taca Exp $
+$NetBSD: distinfo,v 1.31 2018/04/23 14:00:17 taca Exp $
 
-SHA1 (contao-3.5.34.tar.gz) = 3f44d54b499b2e3539f2a41ca8cbfd01e1de1ef9
-RMD160 (contao-3.5.34.tar.gz) = f59840bdbf74f2eb1e6a1682375a85ea95371962
-SHA512 (contao-3.5.34.tar.gz) = c31f207157ae4db9d4a202584450989980afa20011a3779dff89004122e59d294ed11c664fc1a7b8701d6d22b5b1714a49f255220c525d5f4b40e4bad76c5b48
-Size (contao-3.5.34.tar.gz) = 11203406 bytes
+SHA1 (contao-3.5.35.tar.gz) = 398499e9e817e3f207a445135c654b7802e02a54
+RMD160 (contao-3.5.35.tar.gz) = 44ce17190a219f85740a490a8599e2edb5db9111
+SHA512 (contao-3.5.35.tar.gz) = 8131e0aaf2d54c51c624206ffd14fba8b3a46621eab93d19bc499cb041a6827f907e94a4d39fd13dfb63500e5c5e3187c267c63d8d993ca1308856b82e4297f8
+Size (contao-3.5.35.tar.gz) = 11203496 bytes