pkgsrc.se | The NetBSD package collection

./www/geeklog, PHP/MySQL based application for managing dynamic web content

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2010Q1, Version: 1.6.1.1, Package name: geeklog-1.6.1.1, Maintainer: taca

Geeklog is a PHP/MySQL based application for managing dynamic web content.

"Out of the box", it is a blog engine, or a CMS with support for comments,
trackbacks, multiple syndication formats, spam protection, and all the
other vital features of such a system.

DEINSTALL [+/-]

Required to run:
[databases/php-mysql] [www/ap-php]

Required to build:
[lang/perl5] [www/apache22]

Master sites:

http://www.geeklog.net/filemgmt/upload_dir/ (Download)

SHA1: 1af1fc4244622fbe404c1a70fb5913c876dc5c4c
RMD160: 61f36dc35aee656ac5bbc8092b1a405b3475ca2e
Filesize: 4922.19 KB

Version history: (Expand)

(2010-05-18) Updated to version: geeklog-1.6.1.1
(2010-04-09) Package added to pkgsrc.se, version geeklog-1.6.1nb1 (created)

CVS history: (Expand)

2010-05-18 00:38:02 by Matthias Scheler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #3123 - requested by taca
www/geeklog: security update

Revisioned pulled up:
- www/geeklog/Makefile			1.27
- www/geeklog/distinfo			1.13
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon May 17 15:46:38 UTC 2010

Modified Files:
	pkgsrc/www/geeklog: Makefile distinfo

Log message:
Update geeklog package to 1.6.1.1 (1.6.1sr1).

May 9, 2010 (1.6.1sr1)
------------

This release addresses the following security issue:

The autologin (using the long-term session cookie) is vulnerable to dictionary
attacks. This issue was originally reported by Bookoo of the Nine Situations
Group in one of his reports in April 2009 but apparently overlooked by the
Geeklog Team. Thanks to geeklog.net user Jack for pointing this out.