./www/contao35, Contao Open Source CMS 3.5.32

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2017Q4, Version: 3.5.32, Package name: php56-contao35-3.5.32, Maintainer: taca

Contao is an Open Source Content Management Framework developed by Leo Feyer
and distributed under the LGPL license (see GPL.txt and LGPL.txt for more
information). It was formerly known as TYPOlight Open Source CMS.

Its open architecture allows everybody to extend the system to fit his
needs. Contao specializes in accessible websites and is accessbile
itself (front end and back end), rendering valid HTML5 or XHTML pages.

This is version 3.5 stable, LTS (Long Term Support) release.


Required to run:
[net/php-soap] [shells/bash] [graphics/php-gd] [security/php-mcrypt] [www/php-curl] [databases/php-mysqli] [converters/php-mbstring] [archivers/php-zlib]

Required to build:

Master sites:

SHA1: a6a6545e2b00694142456c9e8186aa364034aa09
RMD160: a3be11d82ccad03e57e056a70217d36306ac6a74
Filesize: 10969.776 KB

Version history: (Expand)

CVS history: (Expand)

   2018-01-19 23:11:35 by S.P.Zeidler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #5686 - requested by taca
www/contao35: security update

Revisions pulled up:
- www/contao35/Makefile                                         1.36
- www/contao35/PLIST                                            1.18
- www/contao35/distinfo                                         1.28

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jan 18 16:13:31 UTC 2018

   Modified Files:
   	pkgsrc/www/contao35: Makefile PLIST distinfo

   Log message:
   www/contao35: update to 3.5.32

   Contao 3.5.32 is available		2018/01/18 09:48 by Leo Feyer

   Contao version 3.5.32 is available. The bugfix release fixes an XSS
   vulnerability in the newsletter extension (CVE-2018-5478).


   The vulnerability is in the "unsubscribe" module of the newsletter \ 
   and can easily be exploited by anyone in the front end. We therefore strongly
   recommend you to update.

   The problem affects Contao 2.0.0 to 3.5.31 and the Contao newsletter bundle
   4.0.0 to 4.0.3.

   If you are not using the newsletter extension or the "unsubscribe" \ 
   your installation is not affected by the vulnerability.

   To generate a diff of this commit:
   cvs rdiff -u -r1.35 -r1.36 pkgsrc/www/contao35/Makefile
   cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/contao35/PLIST
   cvs rdiff -u -r1.27 -r1.28 pkgsrc/www/contao35/distinfo