| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
and bugmeister@. bugzilla@ will be used by bugmeister@ from now on.
Submitted by: bugzilla (ohauer)
Approved by: bugzilla (ohauer)
Hat: postmaster
Notes:
svn path=/head/; revision=367398
|
|
|
|
|
|
|
| |
bugs.freebsd.org/bugzilla/.
Notes:
svn path=/head/; revision=363280
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vulnerability Details
=====================
Class: Cross Site Request Forgery
Versions: 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, 4.5.1 to 4.5.4
Fixed In: 4.0.14, 4.2.10, 4.4.5, 4.5.5
Description: Adobe does not properly restrict the SWF file format,
which allows remote attackers to conduct cross-site
request forgery (CSRF) attacks against Bugzilla's JSONP
endpoint, possibly obtaining sensitive bug information,
via a crafted OBJECT element with SWF content satisfying
the character-set requirements of a callback API.
http://www.bugzilla.org/security/4.0.13/
MFH: 2014Q3
Security: 9defb2d6-1404-11e4-8cae-20cf30e32f6d
CVE-2014-1546
Notes:
svn path=/head/; revision=362911
|
|
|
|
|
|
|
| |
Approved by: portmgr (myself)
Notes:
svn path=/head/; revision=359586
|
|
|
|
|
|
|
|
| |
Submitted by: gavin
Approved by: ohauer (maintainer, implicit)
Notes:
svn path=/head/; revision=354456
|
|
|
|
|
|
|
|
|
|
| |
Abuse our position as the owner of the ports tree to commit a project specific
option and patch to the bugzilla port.
Approved by: ohauer (maintainer)
Notes:
svn path=/head/; revision=353915
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- minor Makefile cleanup
This release fixes one regression introduced in Bugzilla by
security bug 968576: URLs in bug comments are displayed
correctly again. (Bug 998323)
Release Notes & Changes
=======================
Before installing or upgrading, you should read the Release Notes for
the new version of Bugzilla:
4.4.4: http://www.bugzilla.org/releases/4.4.4/release-notes.html
4.2.9: http://www.bugzilla.org/releases/4.2.9/release-notes.html
4.0.13: http://www.bugzilla.org/releases/4.0.13/release-notes.html
MFH: 2014Q2
Notes:
svn path=/head/; revision=351626
|
|
|
|
| |
Notes:
svn path=/head/; revision=351558
|
|
|
|
|
|
|
|
|
|
|
|
| |
- because there will no upstream fixes for CVE-2014-1517 mark bugzilla40 /
bugzilla42 forbidden and set expiration date to 2014-06-21
- fix the GRAPHVIZ OPTION
- bump PORTREVISION
MFH: 2014Q2
Notes:
svn path=/head/; revision=351557
|
|
|
|
|
|
|
|
|
|
|
| |
- move BINMODE to Makefile.common so it is also used in the language packs
Security: CVE-2014-1517
Security: 608ed765-c700-11e3-848c-20cf30e32f6d
Security: 60bfa396-c702-11e3-848c-20cf30e32f6d
Notes:
svn path=/head/; revision=351542
|
|
|
|
|
|
|
|
|
| |
- remove one dead MASTER_SITE_MOZILLA server
Approved by: portmgr@ (tabthorpe)
Notes:
svn path=/head/; revision=339753
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry
4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013
Summary
=======
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:
* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
can lead to a bug being edited without the user consent.
* A CSRF vulnerability in attachment.cgi can lead to an attachment
being edited without the user consent.
* Several unfiltered parameters when editing flagtypes can lead to XSS.
* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
field values in tabular reports can lead to XSS.
All affected installations are encouraged to upgrade as soon as
possible.
[1] even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend
Security: vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
CVE-2013-1733
CVE-2013-1734
CVE-2013-1742
CVE-2013-1743
Notes:
svn path=/head/; revision=330666
|
|
|
|
|
|
|
| |
- remove bugzilla3 CONFLICTS
Notes:
svn path=/head/; revision=328405
|
|
|
|
|
|
|
| |
devel part 1)
Notes:
svn path=/head/; revision=327722
|
|
|
|
|
|
|
|
|
|
|
| |
- Resolve issues with implicit lang/perl in extract and patch dependencies
- Trim Makefile header
Reviewed by: bapt@ (exp-run)
Approved by: bapt@ (portmrg@)
Notes:
svn path=/head/; revision=324007
|
|
|
|
| |
Notes:
svn path=/head/; revision=322383
|
|
- devel/bugzilla44
- japanese/bugzilla44
- german/bugzilla44
Release Notes:
http://www.bugzilla.org/releases/4.4/release-notes.html
Notes:
svn path=/head/; revision=321429
|