aboutsummaryrefslogtreecommitdiff
path: root/devel/bugzilla44
Commit message (Collapse)AuthorAgeFilesLines
* Change MAINTAINER to bz-ports@ as discussed with bugzilla@ (now bz-ports@)Florian Smeets2014-09-051-1/+1
| | | | | | | | | | | and bugmeister@. bugzilla@ will be used by bugmeister@ from now on. Submitted by: bugzilla (ohauer) Approved by: bugzilla (ohauer) Hat: postmaster Notes: svn path=/head/; revision=367398
* Update FreeBSD.org cluster-specific patch to match what is running onPeter Wemm2014-07-291-0/+13
| | | | | | | bugs.freebsd.org/bugzilla/. Notes: svn path=/head/; revision=363280
* - update to bugzilla44-4.4.5Olli Hauer2014-07-253-178/+177
| | | | | | | | | | | | | | | | | | | | | | | | Vulnerability Details ===================== Class: Cross Site Request Forgery Versions: 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, 4.5.1 to 4.5.4 Fixed In: 4.0.14, 4.2.10, 4.4.5, 4.5.5 Description: Adobe does not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against Bugzilla's JSONP endpoint, possibly obtaining sensitive bug information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. http://www.bugzilla.org/security/4.0.13/ MFH: 2014Q3 Security: 9defb2d6-1404-11e4-8cae-20cf30e32f6d CVE-2014-1546 Notes: svn path=/head/; revision=362911
* - Chase database/sqlite3 slib bumpMartin Wilke2014-06-271-0/+1
| | | | | | | Approved by: portmgr (myself) Notes: svn path=/head/; revision=359586
* devel/bugzilla44: Better the descriptionEitan Adler2014-05-181-1/+1
| | | | | | | | Submitted by: gavin Approved by: ohauer (maintainer, implicit) Notes: svn path=/head/; revision=354456
* devel/bugzilla44: add FreeBSD specific patch.Eitan Adler2014-05-133-1/+18
| | | | | | | | | | Abuse our position as the owner of the ports tree to commit a project specific option and patch to the bugzilla port. Approved by: ohauer (maintainer) Notes: svn path=/head/; revision=353915
* - update bugzilla to 4.4.4, 4.2.9, 4.0.13Olli Hauer2014-04-202-14/+14
| | | | | | | | | | | | | | | | | | | | | | - minor Makefile cleanup This release fixes one regression introduced in Bugzilla by security bug 968576: URLs in bug comments are displayed correctly again. (Bug 998323) Release Notes & Changes ======================= Before installing or upgrading, you should read the Release Notes for the new version of Bugzilla: 4.4.4: http://www.bugzilla.org/releases/4.4.4/release-notes.html 4.2.9: http://www.bugzilla.org/releases/4.2.9/release-notes.html 4.0.13: http://www.bugzilla.org/releases/4.0.13/release-notes.html MFH: 2014Q2 Notes: svn path=/head/; revision=351626
* - commit forgotten distinfoOlli Hauer2014-04-181-2/+2
| | | | Notes: svn path=/head/; revision=351558
* - distfiles where regenerated (wrong dependency list in the documentation)Olli Hauer2014-04-181-1/+2
| | | | | | | | | | | | - because there will no upstream fixes for CVE-2014-1517 mark bugzilla40 / bugzilla42 forbidden and set expiration date to 2014-06-21 - fix the GRAPHVIZ OPTION - bump PORTREVISION MFH: 2014Q2 Notes: svn path=/head/; revision=351557
* - update to 4.0.12, 4.2.8, 4.4.3Olli Hauer2014-04-184-10/+9
| | | | | | | | | | | - move BINMODE to Makefile.common so it is also used in the language packs Security: CVE-2014-1517 Security: 608ed765-c700-11e3-848c-20cf30e32f6d Security: 60bfa396-c702-11e3-848c-20cf30e32f6d Notes: svn path=/head/; revision=351542
* - add new MASTER_SITE_BUGZILLAOlli Hauer2014-01-151-1/+1
| | | | | | | | | - remove one dead MASTER_SITE_MOZILLA server Approved by: portmgr@ (tabthorpe) Notes: svn path=/head/; revision=339753
* - update to latest release [1]Olli Hauer2013-10-174-18/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - use PKGNAMESUFFIX instead LATEST_LINK - whitespace cleanup - svn mv */bugzilla to */bugzilla40 - add vuxml entry 4.4.1, 4.2.7, and 4.0.11 Security Advisory Wednesday Oct 16th, 2013 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only can lead to a bug being edited without the user consent. * A CSRF vulnerability in attachment.cgi can lead to an attachment being edited without the user consent. * Several unfiltered parameters when editing flagtypes can lead to XSS. * Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered field values in tabular reports can lead to XSS. All affected installations are encouraged to upgrade as soon as possible. [1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d CVE-2013-1733 CVE-2013-1734 CVE-2013-1742 CVE-2013-1743 Notes: svn path=/head/; revision=330666
* - add STAGE support to bugzilla portsOlli Hauer2013-09-262-17/+10
| | | | | | | - remove bugzilla3 CONFLICTS Notes: svn path=/head/; revision=328405
* Add NO_STAGE all over the place in preparation for the staging support (cat: ↵Baptiste Daroussin2013-09-201-0/+1
| | | | | | | devel part 1) Notes: svn path=/head/; revision=327722
* - Convert to new Uses/perl5.mk frameworkAndrej Zverev2013-07-311-1/+2
| | | | | | | | | | | - Resolve issues with implicit lang/perl in extract and patch dependencies - Trim Makefile header Reviewed by: bapt@ (exp-run) Approved by: bapt@ (portmrg@) Notes: svn path=/head/; revision=324007
* - fix typo in OPTION groupOlli Hauer2013-07-061-1/+1
| | | | Notes: svn path=/head/; revision=322383
* New ports for bugzilla44Olli Hauer2013-06-207-0/+1424
- devel/bugzilla44 - japanese/bugzilla44 - german/bugzilla44 Release Notes: http://www.bugzilla.org/releases/4.4/release-notes.html Notes: svn path=/head/; revision=321429
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-30 16:47:47 +0000