Date: Thu, 21 Jul 2005 15:56:21 +0900 (JST) From: Fumihiko Kimura <jfkimura@yahoo.co.jp> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/83828: update ports: www/tdiary-devel Message-ID: <200507210656.j6L6uLGp065945@sh0.radio.gr.jp> Resent-Message-ID: <200507210700.j6L70Xru053013@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 83828 >Category: ports >Synopsis: update ports: www/tdiary-devel >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Jul 21 07:00:33 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Fumihiko Kimura >Release: FreeBSD 4.11-RELEASE i386 >Organization: >Environment: >Description: - Security (against CSRF attack) update to 2.1.2 (JP Vendor Status Notes) JVN#60776919 (http://jvn.jp/jp/JVN%2360776919/index.html http://www.ipa.go.jp/security/vuln/documents/2005/JVN_60776919_tdiary.html) Cross-site request forgery (CSRF) vulnerability in tDiary versions 2.1.1, 2.0.1 and before. >How-To-Repeat: >Fix: === begin cut here === diff -urN tdiary-devel.orig/Makefile tdiary-devel/Makefile --- tdiary-devel.orig/Makefile Sat Jun 11 20:23:37 2005 +++ tdiary-devel/Makefile Thu Jul 21 13:56:26 2005 @@ -6,7 +6,7 @@ # PORTNAME= tdiary -PORTVERSION= 2.1.1 +PORTVERSION= 2.1.2 CATEGORIES?= www ruby MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} \ http://www.tdiary.org/download/ @@ -22,6 +22,7 @@ PKGMESSAGE= ${WRKDIR}/pkg-message USE_RUBY= yes RUBY_VER= 1.8 +#TDIARY_LANG ja:Japanese en:English zh:Traditional-Chinese RUBY_SHEBANG_FILES= index.rb update.rb misc/convert2.rb misc/plugin/squeeze.rb \ misc/plugin/windex.rb misc/plugin/rast-register.rb \ @@ -33,7 +34,7 @@ WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} .if !defined(TDIARY_LANG) -TDIARY_LANG= tdiary.conf-en +TDIARY_LANG= en .endif .if defined(WITH_TDIARY_UCONV) RUN_DEPENDS+= ${RUBY_SITEARCHLIBDIR}/uconv.so:${PORTSDIR}/japanese/ruby-uconv @@ -54,15 +55,7 @@ -e 's,@@@@LANG@@@@,${TDIARY_LANG},g' \ ${FILESDIR}/tdiaryinst.rb.in > ${TDIARYDIR}/tdiaryinst.rb @${CP} -pR ${WRKSRC}/ ${TDIARYDIR} -.if ${TDIARY_LANG} == tdiary.conf-en - @${ECHO_MSG} "===> TDIARY : English Language messages support" @${RUBY} -i -pe 'sub(/%Y-%m-%d/, "%Y-%m-%d [%a]")' ${TDIARYDIR}/misc/i18n/tdiary.conf.sample-en -.else - @${ECHO_MSG} "===> TDIARY : Japanese Language messages support" - @${RUBY} -i -pe 'sub(/%Y-%m-%d/, "%Y-%m-%d [%J]")' ${TDIARYDIR}/tdiary.conf.sample - @${ECHO_MSG} - @${ECHO_MSG} "===> When you install in home directory, let's choose plugin of 'jdate.rb' to just display 'YOUBI'." -.endif @${CHOWN} -R ${SHAREOWN}:${SHAREGRP} ${TDIARYDIR} post-install: diff -urN tdiary-devel.orig/distinfo tdiary-devel/distinfo --- tdiary-devel.orig/distinfo Thu Jun 9 16:42:46 2005 +++ tdiary-devel/distinfo Thu Jul 21 10:28:15 2005 @@ -1,2 +1,2 @@ -MD5 (tdiary-full-2.1.1.tar.gz) = 74bf1819643c512c6f0af1bc6599c1c5 -SIZE (tdiary-full-2.1.1.tar.gz) = 2138225 +MD5 (tdiary-full-2.1.2.tar.gz) = 9fed458ba325b771d89e582c6ad28a84 +SIZE (tdiary-full-2.1.2.tar.gz) = 2924123 diff -urN tdiary-devel.orig/files/tdiaryinst.rb.in tdiary-devel/files/tdiaryinst.rb.in --- tdiary-devel.orig/files/tdiaryinst.rb.in Sat Jun 11 20:23:37 2005 +++ tdiary-devel/files/tdiaryinst.rb.in Thu Jul 21 15:12:30 2005 @@ -85,7 +85,7 @@ STDERR.print " --name=<author_name> Specify author name\n" STDERR.print " --mail=<author_mail> Specify author mail address\n" STDERR.print " --tdiarymaster=<dir> Specify tDiary master directory default: @@@@PREFIX@@@@/share/examples/tdiary\n" - STDERR.print " --lang=<language> Specify your language ('en' or 'ja') default: @@@@LANG@@@@\n" + STDERR.print " --lang=<language> Specify your language ('en' or 'ja' or 'zh') default: @@@@LANG@@@@\n" STDERR.print " --suexec Use suExec for CGI execution\n" STDERR.print " --symlink Use symbolic link for tDiary master files\n" STDERR.print " --quiet Do not display any information\n" @@ -158,6 +158,9 @@ when 'tdiary.conf-ja' , 'ja' @lang = 'ja' @tdconfig = 'tdiary.conf-ja' + when 'zh' + @lang = 'zh' + @tdconfig = 'tdiary.conf-en' else raise "Unknown Language : #{value}" end @@ -215,7 +218,6 @@ def copyBaseFile FileUtils16.cp_r("#{@tdiarymaster}/doc", "#{@passwd.dir}/#{@httpdir}/#{@diarydir}", :preserve, *@fileutilOptions) -# FileUtils16.cp_r("#{@tdiarymaster}/erb", "#{@passwd.dir}/#{@httpdir}/#{@diarydir}", :preserve, *@fileutilOptions) FileUtils16.cp_r("#{@tdiarymaster}/misc", "#{@passwd.dir}/#{@httpdir}/#{@diarydir}", :preserve, *@fileutilOptions) FileUtils16.cp_r("#{@tdiarymaster}/plugin", "#{@passwd.dir}/#{@httpdir}/#{@diarydir}", :preserve, *@fileutilOptions) FileUtils16.cp_r("#{@tdiarymaster}/skel", "#{@passwd.dir}/#{@httpdir}/#{@diarydir}", :preserve, *@fileutilOptions) @@ -281,6 +283,7 @@ line = "@author_mail = '#{@author_mail}'\n" if line =~ /^\@author_mail\s/ line = "@html_title = '#{@author_name} diary'\n" if line =~ /^\@html_title\s/ line = "@index_page = 'http://#{@author_host}/~#{@username}\/'" if line =~ /^\@index_page\s/ + line = "@lang = '#{@lang}'\n" if line =~ /^\@lang\s/ s += line } } diff -urN tdiary-devel.orig/pkg-descr tdiary-devel/pkg-descr --- tdiary-devel.orig/pkg-descr Thu Jun 9 19:01:23 2005 +++ tdiary-devel/pkg-descr Thu Jul 21 13:59:25 2005 @@ -2,7 +2,7 @@ It is possible for diary readers to add comments to your diary. - require Ruby 1.8.2 or later - - currently supported: Japanese, English + - currently supported: Japanese, English, Traditional-Chinese tDiary is developed on http://sourceforge.net/projects/tdiary/ . See URL for more information. === ended cut here === >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507210656.j6L6uLGp065945>