* [gentoo-commits] gentoo-x86 commit in www-apps/mantisbt: ChangeLog mantisbt-1.2.7-r1.ebuild
@ 2011-09-01 19:30 Peter Volkov (pva)
0 siblings, 0 replies; 4+ messages in thread
From: Peter Volkov (pva) @ 2011-09-01 19:30 UTC (permalink / raw
To: gentoo-commits
pva 11/09/01 19:30:23
Modified: ChangeLog
Added: mantisbt-1.2.7-r1.ebuild
Log:
Add patch to address local file inclusion/path traversal, bug 381417 wrt David Hicks.
(Portage version: 2.1.10.11/cvs/Linux x86_64)
Revision Changes Path
1.108 www-apps/mantisbt/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.108&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.108&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?r1=1.107&r2=1.108
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v
retrieving revision 1.107
retrieving revision 1.108
diff -u -r1.107 -r1.108
--- ChangeLog 26 Aug 2011 11:13:32 -0000 1.107
+++ ChangeLog 1 Sep 2011 19:30:23 -0000 1.108
@@ -1,6 +1,13 @@
# ChangeLog for www-apps/mantisbt
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.107 2011/08/26 11:13:32 chainsaw Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.108 2011/09/01 19:30:23 pva Exp $
+
+*mantisbt-1.2.7-r1 (01 Sep 2011)
+
+ 01 Sep 2011; Peter Volkov <pva@gentoo.org> +mantisbt-1.2.7-r1.ebuild,
+ +files/mantisbt-1.2.7-file-inclusion.patch:
+ Add patch to address local file inclusion/path traversal, bug 381417 wrt
+ David Hicks.
26 Aug 2011; Tony Vroon <chainsaw@gentoo.org> mantisbt-1.2.7.ebuild:
Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo in
1.1 www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?rev=1.1&content-type=text/plain
Index: mantisbt-1.2.7-r1.ebuild
===================================================================
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v 1.1 2011/09/01 19:30:23 pva Exp $
EAPI="2"
inherit eutils webapp depend.php
DESCRIPTION="PHP/MySQL/Web based bugtracking system"
HOMEPAGE="http://www.mantisbt.org/"
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
LICENSE="GPL-2"
KEYWORDS="~amd64 ~x86"
IUSE=""
RDEPEND="
virtual/httpd-php
virtual/httpd-cgi
|| ( <dev-lang/php-5.3[pcre] >=dev-lang/php-5.3 )
>=dev-php5/ezc-Base-1.8
>=dev-php5/ezc-Graph-1.5
>=dev-php/adodb-5.10"
src_prepare() {
epatch "${FILESDIR}/mantisbt-1.2.7-file-inclusion.patch" #381417
# Drop external libraries
rm -r "${S}/library/adodb/"
rm -r "${S}/library/ezc/"{Base,Graph}
sed -e 's:ezc/Base/src/base.php:ezc/Base/base.php:' \
-i "${S}"/plugins/MantisGraph/{core/graph_api.php,pages/summary_graph_cumulative_bydate2.php} \
|| die
# Fix incorrect filename
sed -e 's:config_default_inc.php:config_defaults_inc.php:' \
-i "${S}/lang/strings_russian.txt" || die
}
src_install() {
webapp_src_preinst
rm doc/{LICENSE,INSTALL}
dodoc doc/{CREDITS,CUSTOMIZATION,RELEASE} doc/en/*
rm -rf doc packages
mv config_inc.php.sample config_inc.php
cp -R . "${D}/${MY_HTDOCSDIR}"
webapp_configfile "${MY_HTDOCSDIR}/config_inc.php"
webapp_postinst_txt en "${FILESDIR}/postinstall-en-1.0.0.txt"
webapp_src_install
}
^ permalink raw reply [flat|nested] 4+ messages in thread
* [gentoo-commits] gentoo-x86 commit in www-apps/mantisbt: ChangeLog mantisbt-1.2.7-r1.ebuild
@ 2011-09-02 9:05 Tony Vroon (chainsaw)
0 siblings, 0 replies; 4+ messages in thread
From: Tony Vroon (chainsaw) @ 2011-09-02 9:05 UTC (permalink / raw
To: gentoo-commits
chainsaw 11/09/02 09:05:31
Modified: ChangeLog mantisbt-1.2.7-r1.ebuild
Log:
Marked stable on AMD64 based on arch testing by Elijah "Armageddon" El Lazkani in security bug #381417 filed by David Hicks.
(Portage version: 2.1.10.11/cvs/Linux x86_64)
Revision Changes Path
1.109 www-apps/mantisbt/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.109&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.109&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?r1=1.108&r2=1.109
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v
retrieving revision 1.108
retrieving revision 1.109
diff -u -r1.108 -r1.109
--- ChangeLog 1 Sep 2011 19:30:23 -0000 1.108
+++ ChangeLog 2 Sep 2011 09:05:31 -0000 1.109
@@ -1,6 +1,10 @@
# ChangeLog for www-apps/mantisbt
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.108 2011/09/01 19:30:23 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.109 2011/09/02 09:05:31 chainsaw Exp $
+
+ 02 Sep 2011; Tony Vroon <chainsaw@gentoo.org> mantisbt-1.2.7-r1.ebuild:
+ Marked stable on AMD64 based on arch testing by Elijah "Armageddon" El
+ Lazkani in security bug #381417 filed by David Hicks.
*mantisbt-1.2.7-r1 (01 Sep 2011)
1.2 www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?r1=1.1&r2=1.2
Index: mantisbt-1.2.7-r1.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mantisbt-1.2.7-r1.ebuild 1 Sep 2011 19:30:23 -0000 1.1
+++ mantisbt-1.2.7-r1.ebuild 2 Sep 2011 09:05:31 -0000 1.2
@@ -1,6 +1,6 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v 1.1 2011/09/01 19:30:23 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v 1.2 2011/09/02 09:05:31 chainsaw Exp $
EAPI="2"
@@ -11,7 +11,7 @@
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
LICENSE="GPL-2"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="amd64 ~x86"
IUSE=""
RDEPEND="
^ permalink raw reply [flat|nested] 4+ messages in thread
* [gentoo-commits] gentoo-x86 commit in www-apps/mantisbt: ChangeLog mantisbt-1.2.7-r1.ebuild
@ 2011-09-04 0:55 PaweA Hajdan (phajdan.jr)
0 siblings, 0 replies; 4+ messages in thread
From: PaweA Hajdan (phajdan.jr) @ 2011-09-04 0:55 UTC (permalink / raw
To: gentoo-commits
phajdan.jr 11/09/04 00:55:38
Modified: ChangeLog mantisbt-1.2.7-r1.ebuild
Log:
x86 stable wrt security bug #381417
(Portage version: 2.1.10.11/cvs/Linux i686)
Revision Changes Path
1.110 www-apps/mantisbt/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.110&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.110&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?r1=1.109&r2=1.110
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -r1.109 -r1.110
--- ChangeLog 2 Sep 2011 09:05:31 -0000 1.109
+++ ChangeLog 4 Sep 2011 00:55:38 -0000 1.110
@@ -1,6 +1,10 @@
# ChangeLog for www-apps/mantisbt
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.109 2011/09/02 09:05:31 chainsaw Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.110 2011/09/04 00:55:38 phajdan.jr Exp $
+
+ 04 Sep 2011; Pawel Hajdan jr <phajdan.jr@gentoo.org>
+ mantisbt-1.2.7-r1.ebuild:
+ x86 stable wrt security bug #381417
02 Sep 2011; Tony Vroon <chainsaw@gentoo.org> mantisbt-1.2.7-r1.ebuild:
Marked stable on AMD64 based on arch testing by Elijah "Armageddon" El
1.3 www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?rev=1.3&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?rev=1.3&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild?r1=1.2&r2=1.3
Index: mantisbt-1.2.7-r1.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- mantisbt-1.2.7-r1.ebuild 2 Sep 2011 09:05:31 -0000 1.2
+++ mantisbt-1.2.7-r1.ebuild 4 Sep 2011 00:55:38 -0000 1.3
@@ -1,6 +1,6 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v 1.2 2011/09/02 09:05:31 chainsaw Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v 1.3 2011/09/04 00:55:38 phajdan.jr Exp $
EAPI="2"
@@ -11,7 +11,7 @@
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
LICENSE="GPL-2"
-KEYWORDS="amd64 ~x86"
+KEYWORDS="amd64 x86"
IUSE=""
RDEPEND="
^ permalink raw reply [flat|nested] 4+ messages in thread
* [gentoo-commits] gentoo-x86 commit in www-apps/mantisbt: ChangeLog mantisbt-1.2.7-r1.ebuild
@ 2011-10-08 15:51 Peter Volkov (pva)
0 siblings, 0 replies; 4+ messages in thread
From: Peter Volkov (pva) @ 2011-10-08 15:51 UTC (permalink / raw
To: gentoo-commits
pva 11/10/08 15:51:49
Modified: ChangeLog
Removed: mantisbt-1.2.7-r1.ebuild
Log:
Drop vulnerable version, bug #386153, thank GLSAMaker/CVETool Bot for report.
(Portage version: 2.1.10.20/cvs/Linux x86_64)
Revision Changes Path
1.114 www-apps/mantisbt/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.114&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.114&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/www-apps/mantisbt/ChangeLog?r1=1.113&r2=1.114
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v
retrieving revision 1.113
retrieving revision 1.114
diff -u -r1.113 -r1.114
--- ChangeLog 12 Sep 2011 21:05:59 -0000 1.113
+++ ChangeLog 8 Oct 2011 15:51:49 -0000 1.114
@@ -1,6 +1,10 @@
# ChangeLog for www-apps/mantisbt
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.113 2011/09/12 21:05:59 maekke Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.114 2011/10/08 15:51:49 pva Exp $
+
+ 08 Oct 2011; Peter Volkov <pva@gentoo.org> -mantisbt-1.2.7-r1.ebuild,
+ -files/mantisbt-1.2.7-file-inclusion.patch:
+ Drop vulnerable version, bug #386153, thank GLSAMaker/CVETool Bot for report.
12 Sep 2011; Markus Meier <maekke@gentoo.org> mantisbt-1.2.8.ebuild:
amd64/x86 stable, bug #381785
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2011-10-08 15:52 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-09-02 9:05 [gentoo-commits] gentoo-x86 commit in www-apps/mantisbt: ChangeLog mantisbt-1.2.7-r1.ebuild Tony Vroon (chainsaw)
-- strict thread matches above, loose matches on Subject: below --
2011-10-08 15:51 Peter Volkov (pva)
2011-09-04 0:55 PaweA Hajdan (phajdan.jr)
2011-09-01 19:30 Peter Volkov (pva)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox