Date: Mon, 20 Jul 2015 04:40:27 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 201709] [MAINTAINER-UPDATE]: www/magento: Update to 1.9.2.0 Message-ID: <bug-201709-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201709 Bug ID: 201709 Summary: [MAINTAINER-UPDATE]: www/magento: Update to 1.9.2.0 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: melvyn@magemana.nl Created attachment 159004 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=159004&action=edit Patch to update to 1.9.2.0 Long overdue, update to 1.9.2.0: This fixes a number of important security isseus, contained in: - SUPEE-6285 - SUPEE-5994 - SUPEE-5344 - SUPEE-1533 - SUPEE-3941 - APPSEC-212 New in version 1.9.x: - Responsive Web Design (rwd) theme - New way to extend themes through theme.xml (See: http://alanstorm.com/magento_parent_child_themes for a good introduction) - Various security enhancements involving hardening of controllers. - WARNING: Admin controllers that do NOT extend Mage_Adminhtml_Controller_Action do NOT gain these enhancements and susceptible to exposing the admin login form on carefully crafted URLs. This makes brute-force password attacks harder to detect as there is a broader range of URLs to monitor. Please check your local and 3rd party extensions. - Email is now sent through cron, including transactional emails in batches of maximum 100 (by default). This means if Magento cron is run at */15, delays are 1-15 minutes minumum and upwards of 15 minutes if queue is filling up. Adjust your cron invocation accordingly. - CAUTION: All templates files patched in SUPEE-6285 need the same fix in overridden (store specific) templates. Further reading: <http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html#magento/release-notes-ce-1.9.2.html>; Port changes: - Port will contain a release suffix designating the latest patch that is included. - Framework added to apply patches the official way so it'll be easier to maintain. - Work in progress to get rid of the 2 bash-isms that make would introduce bash as PATCH_DEPENDS (to upstream). - Changed MASTER_SITE to my server, since Magento broke it: <https://twitter.com/daniel_sloof/status/618512496668876801>; - Added option to install the test suite (NOTE: Work in Progress upstream, there be dragons) - Added snappy support now that port is in - Install some files as samples as preparation for sample data port - Make use of new OPTIONS syntax - Make my life easier -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201709-13>