Next | Query returned 2 messages, browsing 1 to 10 | previous
CVS Commit History:
2008-12-29 12:33:05 by Matthias Scheler | Files touched by this commit (3)
Log message:
Pullup ticket #2617 - requested by bouyer
sympa: security update
Revisions pulled up:
- mail/sympa/Makefile 1.38 (via patch)
- mail/sympa/PLIST 1.7 (via patch)
- mail/sympa/distinfo 1.11 (via patch)
---
Module Name: pkgsrc
Committed By: bouyer
Date: Sat Dec 20 19:02:12 UTC 2008
Modified Files:
pkgsrc/mail/sympa: Makefile PLIST distinfo
Log message:
Update sympa to 5.4.4. Bug fixes (including SQL injection and privilege
escalation vulnerabilities) and updated translations:
* Sympa was not fully compliant with RFC 2616, leading for example
to possible unwanted list deletion by administrators using prefetching
tools. This was fixed by replacing all the threatening GET requests
by POST requests;
* Use of sprint() function for creating SQL queries led to possible
SQL injection through cookie manipulation;
* The use of files in /tmp led to vulnerabilities.
2008-12-01 08:53:21 by Tyler R. Retzlaff | Files touched by this commit (1)
Log message:
pullup ticket #2602 - requested by bouyer
sympa: fix master site
revisions pulled up:
pkgsrc/mail/sympa/Makefile 1.36
Module Name: pkgsrc
Committed By: bouyer
Date: Sun Nov 30 18:13:30 UTC 2008
Modified Files:
pkgsrc/mail/sympa: Makefile
Log message:
Add missing trailing / to one of the MASTER_SITES