CVS commit: [pkgsrc-2017Q4] pkgsrc/www/contao35

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2017Q4] pkgsrc/www/contao35
From: "S.P.Zeidler" <spz%netbsd.org@localhost>
Date: Fri, 19 Jan 2018 22:11:35 +0000

Module Name:    pkgsrc
Committed By:   spz
Date:           Fri Jan 19 22:11:35 UTC 2018

Modified Files:
        pkgsrc/www/contao35 [pkgsrc-2017Q4]: Makefile PLIST distinfo

Log Message:
Pullup ticket #5686 - requested by taca
www/contao35: security update

Revisions pulled up:
- www/contao35/Makefile                                         1.36
- www/contao35/PLIST                                            1.18
- www/contao35/distinfo                                         1.28

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Jan 18 16:13:31 UTC 2018

   Modified Files:
        pkgsrc/www/contao35: Makefile PLIST distinfo

   Log Message:
   www/contao35: update to 3.5.32

   Contao 3.5.32 is available           2018/01/18 09:48 by Leo Feyer

   Contao version 3.5.32 is available. The bugfix release fixes an XSS
   vulnerability in the newsletter extension (CVE-2018-5478).

   CVE-2018-5478

   The vulnerability is in the "unsubscribe" module of the newsletter extension
   and can easily be exploited by anyone in the front end. We therefore strongly
   recommend you to update.

   The problem affects Contao 2.0.0 to 3.5.31 and the Contao newsletter bundle
   4.0.0 to 4.0.3.

   If you are not using the newsletter extension or the "unsubscribe" module,
   your installation is not affected by the vulnerability.

   To generate a diff of this commit:
   cvs rdiff -u -r1.35 -r1.36 pkgsrc/www/contao35/Makefile
   cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/contao35/PLIST
   cvs rdiff -u -r1.27 -r1.28 pkgsrc/www/contao35/distinfo


To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.35.2.1 pkgsrc/www/contao35/Makefile
cvs rdiff -u -r1.17 -r1.17.2.1 pkgsrc/www/contao35/PLIST
cvs rdiff -u -r1.27 -r1.27.2.1 pkgsrc/www/contao35/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/contao35/Makefile
diff -u pkgsrc/www/contao35/Makefile:1.35 pkgsrc/www/contao35/Makefile:1.35.2.1
--- pkgsrc/www/contao35/Makefile:1.35   Wed Nov 15 14:07:53 2017
+++ pkgsrc/www/contao35/Makefile        Fri Jan 19 22:11:35 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.35 2017/11/15 14:07:53 taca Exp $
+# $NetBSD: Makefile,v 1.35.2.1 2018/01/19 22:11:35 spz Exp $
 #
 
 DISTNAME=      contao-${CT_PKGVER}
@@ -20,7 +20,7 @@ DEPENDS+=     ${PHP_PKG_PREFIX}-soap>=5.4.0:
 DEPENDS+=      ${PHP_PKG_PREFIX}-curl>=5.4.0:../../www/php-curl
 DEPENDS+=      ${PHP_PKG_PREFIX}-zlib>=5.4.0:../../archivers/php-zlib
 
-CT_VERSION=    3.5.31
+CT_VERSION=    3.5.32
 USE_TOOLS=     bash:run pax
 NO_BUILD=      yes
 FILESDIR?=     ${.CURDIR}/files

Index: pkgsrc/www/contao35/PLIST
diff -u pkgsrc/www/contao35/PLIST:1.17 pkgsrc/www/contao35/PLIST:1.17.2.1
--- pkgsrc/www/contao35/PLIST:1.17      Wed Nov 15 14:07:53 2017
+++ pkgsrc/www/contao35/PLIST   Fri Jan 19 22:11:35 2018
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.17 2017/11/15 14:07:53 taca Exp $
+@comment $NetBSD: PLIST,v 1.17.2.1 2018/01/19 22:11:35 spz Exp $
 ${CT_WEBDIR}/.htaccess.default
 ${CT_WEBDIR}/README.md
 ${CT_WEBDIR}/assets/ace/1.1.9/ace.js
@@ -3329,6 +3329,7 @@ ${CT_WEBDIR}/vendor/matthiasmullie/path-
 ${CT_WEBDIR}/vendor/matthiasmullie/path-converter/src/Converter.php
 ${CT_WEBDIR}/vendor/matthiasmullie/path-converter/src/ConverterInterface.php
 ${CT_WEBDIR}/vendor/matthiasmullie/path-converter/src/NoConverter.php
+${CT_WEBDIR}/vendor/michelf/php-markdown/.gitignore
 ${CT_WEBDIR}/vendor/michelf/php-markdown/License.md
 ${CT_WEBDIR}/vendor/michelf/php-markdown/Michelf/Markdown.inc.php
 ${CT_WEBDIR}/vendor/michelf/php-markdown/Michelf/Markdown.php

Index: pkgsrc/www/contao35/distinfo
diff -u pkgsrc/www/contao35/distinfo:1.27 pkgsrc/www/contao35/distinfo:1.27.2.1
--- pkgsrc/www/contao35/distinfo:1.27   Wed Nov 15 14:07:53 2017
+++ pkgsrc/www/contao35/distinfo        Fri Jan 19 22:11:35 2018
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.27 2017/11/15 14:07:53 taca Exp $
+$NetBSD: distinfo,v 1.27.2.1 2018/01/19 22:11:35 spz Exp $
 
-SHA1 (contao-3.5.31.tar.gz) = 26b37675d0dd99337118ba3b20e4099c41b46e4e
-RMD160 (contao-3.5.31.tar.gz) = 03d03f064e0b3353767672ac3648c5cf5eff489c
-SHA512 (contao-3.5.31.tar.gz) = eecb648e29f551dc9feaadd5cd1b9c767bd84bea1d2dfdcbe7094f74c2c6a76d4d73a8d55607b87ef84c6e4401e2d6956bbd690196fe04cd3934d0f876e46ff7
-Size (contao-3.5.31.tar.gz) = 11232968 bytes
+SHA1 (contao-3.5.32.tar.gz) = a6a6545e2b00694142456c9e8186aa364034aa09
+RMD160 (contao-3.5.32.tar.gz) = a3be11d82ccad03e57e056a70217d36306ac6a74
+SHA512 (contao-3.5.32.tar.gz) = 4db785761b50acd46b049e045aa1ff8f9d88ac5068e5616c33f7de17d4ea37d70ac7b10e37e08a9629e7e2d29ce07ad1254c648576bee10980449e0ca94c8f21
+Size (contao-3.5.32.tar.gz) = 11233051 bytes

Prev by Date: CVS commit: [pkgsrc-2017Q4] pkgsrc/net/bind99
Next by Date: CVS commit: [pkgsrc-2017Q4] pkgsrc/doc
Previous by Thread: CVS commit: [pkgsrc-2017Q4] pkgsrc/net/bind99
Next by Thread: CVS commit: [pkgsrc-2017Q4] pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index