pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2009Q3]: pkgsrc/www/typo3 Pullup ticket #2920 - requested by taca
details: https://anonhg.NetBSD.org/pkgsrc/rev/97107697a731
branches: pkgsrc-2009Q3
changeset: 399953:97107697a731
user: tron <tron%pkgsrc.org@localhost>
date: Fri Oct 23 10:17:07 2009 +0000
description:
Pullup ticket #2920 - requested by taca
typo3: security update
Revisions pulled up:
- www/typo3/Makefile 1.16
- www/typo3/PLIST 1.8
- www/typo3/distinfo 1.10
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Oct 22 14:53:09 UTC 2009
Modified Files:
pkgsrc/www/typo3: Makefile PLIST distinfo
Log Message:
Update www/typo3 package to 4.2.10. It fixes multiple security issues
found in TYPO3 core.
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/
2009-10-22 Oliver Hader <oliver%typo3.org@localhost>
* Release of TYPO3 4.2.10
2009-10-22 Ernesto Baschny <ernst%cron-it.de@localhost>
* Security Issue #11664: Updated RemoveXSS code to the latest knowledge in this area (thanks to Jigal van Hemert)
* Fixed bug #11586: Potential SQL injection in frontend editing (thanks to Oliver Klee)
* Fixed bug #12309: It was possible to gain access to the Install Tool by only knowing the md5 hash of the password.
* Fixed bug #12310: Encryption key can be recalculated when using normal mailform when [FE][strictFormmail] == 0 (thanks to Oliver Klee)
* Fixed bug #12090: Filenames should be escaped with escapeshellarg before passing them to imagemagick (thanks to Oliver Klee)
* Fixed bug #12303: XSS vulnerability due to not proper sanitizing in function t3lib_div::quoteJSvalue (thanks to Oliver Klee)
* Fixed bug #12304: Frame inclusion in the backend through alt_mod_frameset (thanks to Oliver Klee)
* Fixed bug #12305: XSS vulnerability in view_help.php / tfID parameter (thanks to Oliver Klee)
* Fixed bug #12306: XSS vulnerability in module dispatcher
* Fixed bug #12307: XSS vulnerability in alt_palette (thanks to Oliver Klee)
* Fixed bug #12308: XSS vulnerability in "DB > Full search" functionality
* Fixed bug #10501: XSS vulnerability in the install tool (thanks to Oliver Klee)
2009-10-21 Rupert Germann <rupi%gmx.li@localhost>
* Fixed bug #12280: Error Message while creating empty Folders (thanks to Daniel Schmitzer)
* Fixed bug #12300 (Follow-up to 11995): Output compression breaks prompt for keyboard input in CLI scripts
2009-10-21 Steffen Kamper <info%sk-typo3.de@localhost>
* Fixed bug #12272: Steps disregarded in t3lib_lock (thanks to Dan Osipov)
2009-10-15 Rupert Germann <rupi%gmx.li@localhost>
* Fixed bug #8728: PHP Warning, if SQL error occurs in class t3lib_db in functions which depend on an existing resultset (thanks to Felix Oertel)
2009-10-11 Rupert Germann <rupi%gmx.li@localhost>
* Fixed bug #10971: Fatal error in impexp module: Call to a member function includeLLFile() on a non-object (thanks to Andre Steiling)
2009-10-10 Rupert Germann <rupi%gmx.li@localhost>
* Fixed bug #12129 (follow-up to bug #11986): Translation update broken with activated output compression (thanks to Steffen Gebert)
2009-09-29 Oliver Hader <oliver%typo3.org@localhost>
* Fixed bug #11433: touch(): Utime failed in install tool (thanks to Steffen Gebert)
diffstat:
www/typo3/Makefile | 4 ++--
www/typo3/PLIST | 3 ++-
www/typo3/distinfo | 14 +++++++-------
3 files changed, 11 insertions(+), 10 deletions(-)
diffs (55 lines):
diff -r aae3fd2edd08 -r 97107697a731 www/typo3/Makefile
--- a/www/typo3/Makefile Thu Oct 22 21:29:49 2009 +0000
+++ b/www/typo3/Makefile Fri Oct 23 10:17:07 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.15 2009/09/29 13:36:58 taca Exp $
+# $NetBSD: Makefile,v 1.15.2.1 2009/10/23 10:17:07 tron Exp $
#
DISTNAME= ${TYPO3NAME}
@@ -17,7 +17,7 @@
PKG_DESTDIR_SUPPORT= destdir
-VER= 4.2.9
+VER= 4.2.10
NO_BUILD= yes
USE_TOOLS= pax
diff -r aae3fd2edd08 -r 97107697a731 www/typo3/PLIST
--- a/www/typo3/PLIST Thu Oct 22 21:29:49 2009 +0000
+++ b/www/typo3/PLIST Fri Oct 23 10:17:07 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.7 2009/07/06 15:15:44 taca Exp $
+@comment $NetBSD: PLIST,v 1.7.4.1 2009/10/23 10:17:07 tron Exp $
${EGDIR}/localconf.php
${TYPO3DIR}/${TYPO3NAME}/ChangeLog
${TYPO3DIR}/${TYPO3NAME}/GPL.txt
@@ -2050,6 +2050,7 @@
${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/imgs/typo3logotype.ai
${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/class.tx_install.php
${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/class.tx_install_eid.php
+${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/class.tx_install_session.php
${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/clear.gif
${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/conf.php
${TYPO3DIR}/${TYPO3NAME}/typo3/sysext/install/mod/install.gif
diff -r aae3fd2edd08 -r 97107697a731 www/typo3/distinfo
--- a/www/typo3/distinfo Thu Oct 22 21:29:49 2009 +0000
+++ b/www/typo3/distinfo Fri Oct 23 10:17:07 2009 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.9 2009/09/29 13:36:58 taca Exp $
+$NetBSD: distinfo,v 1.9.2.1 2009/10/23 10:17:07 tron Exp $
-SHA1 (dummy-4.2.9.tar.gz) = 7cbf005ea91a4b94e7f12aeb7d3b1b99574a2252
-RMD160 (dummy-4.2.9.tar.gz) = 50c4623d135dbd79d972ade992d8b3b5b5565711
-Size (dummy-4.2.9.tar.gz) = 9378 bytes
-SHA1 (typo3_src-4.2.9.tar.gz) = f6be5d1034ed0d0f10dd3b295423b6b67a26340b
-RMD160 (typo3_src-4.2.9.tar.gz) = b90d66945c8098074bd077b1db878d6fa4c00ca1
-Size (typo3_src-4.2.9.tar.gz) = 8147838 bytes
+SHA1 (dummy-4.2.10.tar.gz) = af13dd4d419c9067c7bf3c602fe6a34b6b69ce51
+RMD160 (dummy-4.2.10.tar.gz) = 7da79972fe392cbe7c3a7fd6cd4b0704fe487b42
+Size (dummy-4.2.10.tar.gz) = 9381 bytes
+SHA1 (typo3_src-4.2.10.tar.gz) = ba6fa68267bf924df2f3ddfffee7dac4fc51f800
+RMD160 (typo3_src-4.2.10.tar.gz) = 1fc914e72930b995aeabad9529c7b2177969f322
+Size (typo3_src-4.2.10.tar.gz) = 8155862 bytes
SHA1 (patch-aa) = 12dc31e5d1b03f38c4957a08a5451da667d58214
Home |
Main Index |
Thread Index |
Old Index