From owner-cvs-all@FreeBSD.ORG  Mon Nov 28 07:30:35 2005
Return-Path: <owner-cvs-all@FreeBSD.ORG>
X-Original-To: cvs-all@FreeBSD.org
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CE99016A41F;
	Mon, 28 Nov 2005 07:30:35 +0000 (GMT) (envelope-from sem@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9CDF843D4C;
	Mon, 28 Nov 2005 07:30:35 +0000 (GMT) (envelope-from sem@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id jAS7UZBW056852;
	Mon, 28 Nov 2005 07:30:35 GMT (envelope-from sem@repoman.freebsd.org)
Received: (from sem@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id jAS7UZ9x056851;
	Mon, 28 Nov 2005 07:30:35 GMT (envelope-from sem)
Message-Id: <200511280730.jAS7UZ9x056851@repoman.freebsd.org>
From: Sergey Matveychuk <sem@FreeBSD.org>
Date: Mon, 28 Nov 2005 07:30:34 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/www/joomla Makefile distinfo pkg-plist
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2005 07:30:36 -0000

sem         2005-11-28 07:30:34 UTC

  FreeBSD ports repository

  Modified files:
    www/joomla           Makefile distinfo pkg-plist 
  Log:
  - Update to 1.0.4
    It fixes 6 Security Vunerabilities:
  
  Critical Level Threats
  Potentional XSS injection through GET and other variables
   - Affects all previous versions of Joomla! and Mambo 4.5.2.3
  Hardened SEF against XSS injection
   - Affects all previous versions of Joomla! and Mambo 4.5.2.3
  
  Low Level Threats
  Potential SQL injection in Polls modules through the Itemid variable
   - Affects all previous versions of Joomla! and Mambo 4.5.2.x series
  Potential SQL injection in several methods in mosDBTable class
   - Affects all previous versions of Joomla! and Mambo 4.5.2.x series
  Potential misuse of Media component file management functions
   - Affects all previous versions of Joomla! and Mambo 4.5.2.x series
  Add search limit param (default of 50) to `Search` Mambots to prevent search flooding
   - Affects all previous versions of Joomla! and Mambo 4.5.2.x series
  
  PR:             ports/89596
  Submitted by:   Francisco Alves Cabrita (maintainer)
  
  Revision  Changes    Path
  1.2       +3 -3      ports/www/joomla/Makefile
  1.2       +3 -2      ports/www/joomla/distinfo
  1.2       +10 -8     ports/www/joomla/pkg-plist