pkgsrc.se | The NetBSD package collection

./www/contao45, Contao Open Source CMS 4.5.8

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q1, Version: 4.5.8, Package name: php71-contao45-4.5.8, Maintainer: taca

Contao is an Open Source Content Management Framework developed by Leo Feyer
and distributed under the LGPL license.

Its open architecture allows everybody to extend the system to fit his
needs. Contao specializes in accessible websites and is accessbile
itself (front end and back end), rendering valid HTML5.

Contao 4.5 is fifth minor release of Contao 4 and it require PHP 7.1 and
MySQL 5.5.7 with InnoDB as default storage engine and utf8mb4 as default
charset.

Additionally, these new features from 4.5.

* Store the request token as cookie instead of in the session
* Improve the locale handling
* Support use of Symfony translator
* Add the insert tag flag for absolute URLs
* Allow to sort news items by date, headline or randomly
* Use the Symfony assets component for the Contao assets
* Display form fieldsets as wrappers in the back end view
* Support adding external JavaScripts to a page layout
* Add the "require an item" option to the site structure
* Support wildcards in the "iflng" and "ifnlng" insert tags
* Replace the back end "limit width" option with a "fullscreen" option
* Support sorting enclosures
* Add the teaser image as media:content in the RSS/Atom feeds
* Add roles and ARIA landmarks in the back end
* Add all the player options to the YouTube element
* Add the toggle icon of the parent record in parent view
* Add the "event address" field and update the microdata tags
* Use the Symfony security component for authentication

DEINSTALL [+/-]

Required to run:
[databases/php-pdo_mysql] [net/php-soap] [graphics/php-gd] [archivers/php-zlib] [security/php-pecl-mcrypt] [www/php-curl] [textproc/php-json] [textproc/php-intl] [shells/bash] [converters/php-mbstring]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://github.com/contao/ (Download)

SHA1: 5ff4ad37de913c949f2e97980769bffbb78b2687
RMD160: a33f2a184b007fd912b3922e5998377942a9e014
Filesize: 26852.786 KB

Version history: (Expand)

(2018-05-06) Updated to version: php71-contao45-4.5.8
(2018-04-04) Package added to pkgsrc.se, version php71-contao45-4.5.6 (created)

CVS history: (Expand)

2018-05-06 12:39:14 by S.P.Zeidler | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #5745 - requested by taca
www/contao45: security update

Revisions pulled up:
- www/contao45/Makefile                                         1.6
- www/contao45/PLIST                                            1.6
- www/contao45/distinfo                                         1.6

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Apr 23 14:30:45 UTC 2018

   Modified Files:
   	pkgsrc/www/contao45: Makefile PLIST distinfo

   Log message:
   www/contao45: update to 4.5.8

   Contao 4.5.7 (2018-04-04)

   Contao version 4.5.7 is available.  The bugfix release fixes a few minor
   issues including a problem with validating the request token and a problem
   with rendering custom layout sections.

   Contao 4.5.8 (2018-04-18)

   Contao version 4.5.8 is available.  The bugfix release fixes an XSS
   vulnerability in the system log of the back end (CVE-2018-10125).

   CVE-2018-10125

   With a manipulated request, an attacker can implant a script which is executed
   when a logged in back end user opens the system log.  The attacker themselves
   does not have to be logged in.

   The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
   4.5.7. We highly recommend you to update.

   To generate a diff of this commit:
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/contao45/Makefile \
       pkgsrc/www/contao45/PLIST pkgsrc/www/contao45/distinfo