Subject: CVS commit: [pkgsrc-2012Q1] pkgsrc/devel/rt3
From: Matthias Scheler
Date: 2012-05-28 12:51:01
Message id: 20120528105101.999E2175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3808 - requested by spz
devel/rt3: security update

Revisions pulled up:
- devel/rt3/Makefile                                            1.49
- devel/rt3/Makefile.install                                    1.18
- devel/rt3/PLIST                                               1.21
- devel/rt3/distinfo                                            1.22
- devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm        deleted
- devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm             deleted
- devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm        deleted
- devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html deleted
- devel/rt3/patches/patch-share_html_Search_Bulk.html           deleted
- devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType deleted
- devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips deleted

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Fri May 25 19:55:44 UTC 2012

   Modified Files:
   	pkgsrc/devel/rt3: Makefile Makefile.install PLIST distinfo
   Removed Files:
   	pkgsrc/devel/rt3/patches: patch-lib_RT_Action_CreateTickets.pm
   	    patch-lib_RT_Ticket__Overlay.pm
   	    patch-lib_RT_Transaction__Overlay.pm
   	    patch-share_html_Admin_CustomFields_Modify.html
   	    patch-share_html_Search_Bulk.html
   	    patch-share_html_Search_Elements_SelectChartType
   	    patch-share_html_Ticket_Elements_PreviewScrips

   Log Message:
   Update RT to version 3.8.12:

   Changes from 3.8.11 to 3.8.12:
       This release, in addition to being a bugfix release, also resolves a
       number of security vulnerabilities.  It resolves CVE-2011-2082,
       CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458,
       CVE-2011-4459, and CVE-2011-4460.

        * Upgrade prototype.js to version 1.7, for compatibility with google
          charts.
        * Remove ie7.js, which is no longer used.
        * Ensure that TransactionBatch scripts are only run once.

   Changes from 3.8.10 to 3.8.11:
       This release contains a number of bugfixes and minor security updates
       since the 3.8.10 release, most notably:

        * Adjust FCGI dependency to one which resolves FCGI's CVE-2011-2766

        * New WebHttpOnlyCookies option, enabled by default, which hides RT's
          cookie from direct Javascript access.

        * Compatibility with perl 5.12 and 5.14, by removing deprecated "for
          qw(...)" and "defined %hash" syntax.

        * MySQL 5.5 compatibility, by specifying ENGINE=InnoDB rather than
          TYPE=InnoDB

        * Ensure that RT::Interface::Web's _Overlay, _Local, and _Vendor files
          are loaded correctly.

        * Fix session cleaner for on-disk sessions, broken since 3.8.0.

        * Ensure that only one "Based on" attribute is stored for each \ 
custom
          field.

        * Fix the loading of Shredder plugins, broken in 3.8.10.
Files:
RevisionActionfile
1.48.4.1modifypkgsrc/devel/rt3/Makefile
1.17.10.1modifypkgsrc/devel/rt3/Makefile.install
1.20.8.1modifypkgsrc/devel/rt3/PLIST
1.21.4.1modifypkgsrc/devel/rt3/distinfo
1.1removepkgsrc/devel/rt3/patches/patch-lib_RT_Action_CreateTickets.pm
1.1removepkgsrc/devel/rt3/patches/patch-lib_RT_Ticket__Overlay.pm
1.1removepkgsrc/devel/rt3/patches/patch-lib_RT_Transaction__Overlay.pm
1.1removepkgsrc/devel/rt3/patches/patch-share_html_Admin_CustomFields_Modify.html
1.1removepkgsrc/devel/rt3/patches/patch-share_html_Search_Bulk.html
1.1removepkgsrc/devel/rt3/patches/patch-share_html_Search_Elements_SelectChartType
1.1removepkgsrc/devel/rt3/patches/patch-share_html_Ticket_Elements_PreviewScrips