sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-07-18 01:39:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Update to 2.16.7, a security release:

Browse source 
Class:       Unauthorized Bug Change
Versions:    2.9 through 2.18rc2 and 2.19
Description: It is possible to send a carefully crafted HTTP POST
	     message to process_bug.cgi which will remove keywords from
	     a bug even if you don't have permissions to edit all bug
	     fields (the "editbugs" permission).  Such changes are
	     reported in "bug changed" email notifications, so they are
	     easily detected and reversed if someone abuses it.
Reference:   https://bugzilla.mozilla.org/show_bug.cgi?id=252638

- Correct SQL command in pkg-message

PR:		ports/71161, ports/73166
Submitted by:	Dmitry A Grigorovich <odip@bionet.nsc.ru>
This commit is contained in:
Pav Lucistnik 2004-10-27 19:23:53 +00:00
parent da5a605249
commit a6b9ddac1d
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=120335
9 changed files with 18 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
devel/bugzilla/Makefile
View file

@ -6,7 +6,7 @@
#
PORTNAME?= bugzilla
PORTVERSION?= 2.16.6
PORTVERSION?= 2.16.7
CATEGORIES?= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived

4
devel/bugzilla/distinfo
View file

@ -1,2 +1,2 @@
MD5 (bugzilla-2.16.6.tar.gz) = 5b694df8739be175f0358507f844b71d
SIZE (bugzilla-2.16.6.tar.gz) = 1365080
MD5 (bugzilla-2.16.7.tar.gz) = ee4c92bfd940521cc68ea91917f9f0dd
SIZE (bugzilla-2.16.7.tar.gz) = 1368799

5
devel/bugzilla/pkg-message
View file

@ -4,8 +4,9 @@
1. Create database user who has rights on bugs database manipulation
by following mysql commands:
GRANT SELECT,INSERT,UPDATE,DELETE,INDEX, ALTER,CREATE,DROP,REFERENCES \
ON <database>.* TO <dbuser>@<host> IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE,DROP,REFERENCES,\
LOCK TABLES ON <database>.* TO <dbuser>@<host> \
IDENTIFIED BY '<password>';
FLUSH PRIVILEGES;
where <database> is a bugs database name; <dbuser> is a bugs database

2
devel/bugzilla2/Makefile
View file

@ -6,7 +6,7 @@
#
PORTNAME?= bugzilla
PORTVERSION?= 2.16.6
PORTVERSION?= 2.16.7
CATEGORIES?= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived

4
devel/bugzilla2/distinfo
View file

@ -1,2 +1,2 @@
MD5 (bugzilla-2.16.6.tar.gz) = 5b694df8739be175f0358507f844b71d
SIZE (bugzilla-2.16.6.tar.gz) = 1365080
MD5 (bugzilla-2.16.7.tar.gz) = ee4c92bfd940521cc68ea91917f9f0dd
SIZE (bugzilla-2.16.7.tar.gz) = 1368799

5
devel/bugzilla2/pkg-message
View file

@ -4,8 +4,9 @@
1. Create database user who has rights on bugs database manipulation
by following mysql commands:
GRANT SELECT,INSERT,UPDATE,DELETE,INDEX, ALTER,CREATE,DROP,REFERENCES \
ON <database>.* TO <dbuser>@<host> IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE,DROP,REFERENCES,\
LOCK TABLES ON <database>.* TO <dbuser>@<host> \
IDENTIFIED BY '<password>';
FLUSH PRIVILEGES;
where <database> is a bugs database name; <dbuser> is a bugs database

2
devel/bugzilla3/Makefile
View file

@ -6,7 +6,7 @@
#
PORTNAME?= bugzilla
PORTVERSION?= 2.16.6
PORTVERSION?= 2.16.7
CATEGORIES?= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived

4
devel/bugzilla3/distinfo
View file

@ -1,2 +1,2 @@
MD5 (bugzilla-2.16.6.tar.gz) = 5b694df8739be175f0358507f844b71d
SIZE (bugzilla-2.16.6.tar.gz) = 1365080
MD5 (bugzilla-2.16.7.tar.gz) = ee4c92bfd940521cc68ea91917f9f0dd
SIZE (bugzilla-2.16.7.tar.gz) = 1368799

5
devel/bugzilla3/pkg-message
View file

@ -4,8 +4,9 @@
1. Create database user who has rights on bugs database manipulation
by following mysql commands:
GRANT SELECT,INSERT,UPDATE,DELETE,INDEX, ALTER,CREATE,DROP,REFERENCES \
ON <database>.* TO <dbuser>@<host> IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE,DROP,REFERENCES,\
LOCK TABLES ON <database>.* TO <dbuser>@<host> \
IDENTIFIED BY '<password>';
FLUSH PRIVILEGES;
where <database> is a bugs database name; <dbuser> is a bugs database