Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 17 Oct 2013 19:35:22 +0000 (UTC)
From:      Olli Hauer <ohauer@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r330666 - in head: . devel devel/bugzilla devel/bugzilla40 devel/bugzilla42 devel/bugzilla44 german german/bugzilla german/bugzilla40 german/bugzilla42 german/bugzilla44 japanese japane...
Message-ID:  <201310171935.r9HJZMGv094248@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: ohauer
Date: Thu Oct 17 19:35:22 2013
New Revision: 330666
URL: http://svnweb.freebsd.org/changeset/ports/330666

Log:
  - update to latest release [1]
  - use PKGNAMESUFFIX instead LATEST_LINK
  - whitespace cleanup
  - svn mv */bugzilla to */bugzilla40
  - add vuxml entry
  
  4.4.1, 4.2.7, and 4.0.11 Security Advisory
  Wednesday Oct 16th, 2013
  
  Summary
  =======
  
  Bugzilla is a Web-based bug-tracking system used by a large number of
  software projects. The following security issues have been discovered
  in Bugzilla:
  
  * A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
    can lead to a bug being edited without the user consent.
  
  * A CSRF vulnerability in attachment.cgi can lead to an attachment
    being edited without the user consent.
  
  * Several unfiltered parameters when editing flagtypes can lead to XSS.
  
  * Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
    field values in tabular reports can lead to XSS.
  
  All affected installations are encouraged to upgrade as soon as
  possible.
  
  [1]  even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is recommend
  
  Security:	vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
  		CVE-2013-1733
  		CVE-2013-1734
  		CVE-2013-1742
  		CVE-2013-1743

Added:
  head/devel/bugzilla40/
     - copied from r330662, head/devel/bugzilla/
  head/german/bugzilla40/
     - copied from r330663, head/german/bugzilla/
  head/japanese/bugzilla40/
     - copied from r330664, head/japanese/bugzilla/
  head/russian/bugzilla40/
     - copied from r330663, head/russian/bugzilla/
Deleted:
  head/devel/bugzilla/
  head/german/bugzilla/
  head/japanese/bugzilla/
  head/russian/bugzilla/
Modified:
  head/MOVED
  head/devel/Makefile
  head/devel/bugzilla40/Makefile
  head/devel/bugzilla40/Makefile.common
  head/devel/bugzilla40/Makefile.options
  head/devel/bugzilla40/distinfo
  head/devel/bugzilla40/pkg-plist
  head/devel/bugzilla42/Makefile
  head/devel/bugzilla42/Makefile.common
  head/devel/bugzilla42/Makefile.options
  head/devel/bugzilla42/distinfo
  head/devel/bugzilla42/pkg-plist
  head/devel/bugzilla44/Makefile
  head/devel/bugzilla44/Makefile.common
  head/devel/bugzilla44/distinfo
  head/devel/bugzilla44/pkg-plist
  head/german/Makefile
  head/german/bugzilla40/Makefile
  head/german/bugzilla42/Makefile
  head/german/bugzilla44/Makefile
  head/japanese/Makefile
  head/japanese/bugzilla40/Makefile
  head/japanese/bugzilla42/Makefile
  head/japanese/bugzilla44/Makefile
  head/russian/Makefile
  head/russian/bugzilla40/Makefile
  head/russian/bugzilla42/Makefile
  head/security/vuxml/vuln.xml

Modified: head/MOVED
==============================================================================
--- head/MOVED	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/MOVED	Thu Oct 17 19:35:22 2013	(r330666)
@@ -5116,3 +5116,6 @@ audio/akode-plugins-oss||2013-10-17|Remo
 audio/akode-plugins-pulseaudio||2013-10-17|Removed: Dependency of KDE 3.x
 audio/akode-plugins-resampler||2013-10-17|Removed: Dependency of KDE 3.x
 audio/akode-plugins-xiph||2013-10-17|Removed: Dependency of KDE 3.x
+german/bugzilla|german/bugzilla40|2013-10-17|Reflect PORTNAME
+japanese/bugzilla|japanese/bugzilla40|2013-10-17|Reflect PORTNAME
+russian/bugzilla|russian/bugzilla40|2013-10-17|Reflect PORTNAME

Modified: head/devel/Makefile
==============================================================================
--- head/devel/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -147,7 +147,7 @@
     SUBDIR += bsdlibdwarf
     SUBDIR += bufferpool
     SUBDIR += bug-buddy
-    SUBDIR += bugzilla
+    SUBDIR += bugzilla40
     SUBDIR += bugzilla42
     SUBDIR += bugzilla44
     SUBDIR += build

Modified: head/devel/bugzilla40/Makefile
==============================================================================
--- head/devel/bugzilla/Makefile	Thu Oct 17 18:21:55 2013	(r330662)
+++ head/devel/bugzilla40/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	bugzilla
-PORTVERSION=	4.0.10
+PORTVERSION=	4.0.11
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_MOZILLA}
 MASTER_SITE_SUBDIR=	webtools webtools/archived
@@ -44,8 +44,6 @@ EMPTY_DIRS_LIST=data graphs contrib lib 
 USE_APACHE_RUN=	22+
 .endif
 
-.include <bsd.port.pre.mk>
-
 .if ${PORT_OPTIONS:MMYSQL}
 USE_MYSQL=	yes
 RUN_DEPENDS+=	p5-DBD-mysql>=2.9003:${PORTSDIR}/databases/p5-DBD-mysql
@@ -175,4 +173,4 @@ do-install:	.SILENT
 		${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;
 .endif
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

Modified: head/devel/bugzilla40/Makefile.common
==============================================================================
--- head/devel/bugzilla/Makefile.common	Thu Oct 17 18:21:55 2013	(r330662)
+++ head/devel/bugzilla40/Makefile.common	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,8 +1,10 @@
 # $FreeBSD$
 
 DIST_SUBDIR=	${PORTNAME}
+PKGNAMESUFFIX=	40
 
 CONFLICTS_INSTALL=	\
+		bugzilla4[^0].* \
 		bugzilla-4.[^0].*
 
 PORTSCOUT=	limit:^4\.0\.

Modified: head/devel/bugzilla40/Makefile.options
==============================================================================
--- head/devel/bugzilla/Makefile.options	Thu Oct 17 18:21:55 2013	(r330662)
+++ head/devel/bugzilla40/Makefile.options	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,10 +11,10 @@ OPTIONS_GROUP_ADMIN=	\
 	EXPORT_IMPORT	\
 	CONTRIB
 
-OPTIONS_GROUP_ATTACHMENT= \
+OPTIONS_GROUP_ATTACHMENT=\
 	BMP2PNG
 
-OPTIONS_GROUP_AUTH= 	\
+OPTIONS_GROUP_AUTH=	\
 	LDAP		\
 	RADIUS
 

Modified: head/devel/bugzilla40/distinfo
==============================================================================
--- head/devel/bugzilla/distinfo	Thu Oct 17 18:21:55 2013	(r330662)
+++ head/devel/bugzilla40/distinfo	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.0.10.tar.gz) = cdf8a596f34bd0f773a0c9c728a0dd8ed0214d9f19e142e918b25294202e3fa2
-SIZE (bugzilla/bugzilla-4.0.10.tar.gz) = 2804655
+SHA256 (bugzilla/bugzilla-4.0.11.tar.gz) = d2e454a5a705f3728a6645c27793f7c8d3058dda675704eac4a9a856f16b0c0f
+SIZE (bugzilla/bugzilla-4.0.11.tar.gz) = 2785420

Modified: head/devel/bugzilla40/pkg-plist
==============================================================================
--- head/devel/bugzilla/pkg-plist	Thu Oct 17 18:21:55 2013	(r330662)
+++ head/devel/bugzilla40/pkg-plist	Thu Oct 17 19:35:22 2013	(r330666)
@@ -971,6 +971,8 @@
 @dirrmtry %%WWWDIR%%/js/yui
 @dirrmtry %%WWWDIR%%/js
 @dirrm %%WWWDIR%%/images
+@dirrmtry %%WWWDIR%%/graphs
+@dirrmtry %%WWWDIR%%/data
 %%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
 %%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
 @dirrmtry %%WWWDIR%%/contrib
@@ -996,8 +998,6 @@
 @dirrm %%WWWDIR%%/Bugzilla/Auth
 @dirrm %%WWWDIR%%/Bugzilla/Attachment
 @dirrmtry %%WWWDIR%%/Bugzilla
-@dirrmtry %%WWWDIR%%/data
-@dirrmtry %%WWWDIR%%/graphs
 @dirrmtry %%WWWDIR%%
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML
@@ -1030,9 +1030,3 @@
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/en
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
-@exec mkdir -p %D/%%WWWDIR%%/xt
-@exec mkdir -p %D/%%WWWDIR%%/t
-@exec mkdir -p %D/%%WWWDIR%%/lib
-@exec mkdir -p %D/%%WWWDIR%%/graphs
-@exec mkdir -p %D/%%WWWDIR%%/data
-@exec mkdir -p %D/%%WWWDIR%%/contrib

Modified: head/devel/bugzilla42/Makefile
==============================================================================
--- head/devel/bugzilla42/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla42/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	bugzilla
-PORTVERSION=	4.2.6
+PORTVERSION=	4.2.7
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_MOZILLA}
 MASTER_SITE_SUBDIR=	webtools webtools/archived
@@ -25,8 +25,6 @@ RUN_DEPENDS=	\
 		p5-TimeDate>=1.19:${PORTSDIR}/devel/p5-TimeDate \
 		p5-URI>=1.37:${PORTSDIR}/net/p5-URI
 
-LATEST_LINK=	bugzilla42
-
 USES=		perl5
 USE_PERL5=	patch run build
 
@@ -47,8 +45,6 @@ EMPTY_DIRS_LIST=data graphs contrib lib 
 USE_APACHE_RUN=	22+
 .endif
 
-.include <bsd.port.pre.mk>
-
 .if ${PORT_OPTIONS:MMYSQL}
 USE_MYSQL=	yes
 RUN_DEPENDS+=	p5-DBD-mysql>=4.0001:${PORTSDIR}/databases/p5-DBD-mysql
@@ -184,4 +180,4 @@ do-install:	.SILENT
 		${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;
 .endif
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

Modified: head/devel/bugzilla42/Makefile.common
==============================================================================
--- head/devel/bugzilla42/Makefile.common	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla42/Makefile.common	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,8 +1,10 @@
 # $FreeBSD$
 
 DIST_SUBDIR=	${PORTNAME}
+PKGNAMESUFFIX=	42
 
 CONFLICTS_INSTALL=	\
+		bugzilla4[^2].* \
 		bugzilla-4.[^2].*
 
 PORTSCOUT=	limitw:1,even

Modified: head/devel/bugzilla42/Makefile.options
==============================================================================
--- head/devel/bugzilla42/Makefile.options	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla42/Makefile.options	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,10 +11,10 @@ OPTIONS_GROUP_ADMIN=	\
 	EXPORT_IMPORT	\
 	CONTRIB
 
-OPTIONS_GROUP_ATTACHMENT= \
+OPTIONS_GROUP_ATTACHMENT=\
 	BMP2PNG
 
-OPTIONS_GROUP_AUTH= 	\
+OPTIONS_GROUP_AUTH=	\
 	LDAP		\
 	RADIUS
 

Modified: head/devel/bugzilla42/distinfo
==============================================================================
--- head/devel/bugzilla42/distinfo	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla42/distinfo	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.2.6.tar.gz) = 16ede21f92e672ed19aadeddd24136a8ec76ec14e6bf9627fe33207f2531807d
-SIZE (bugzilla/bugzilla-4.2.6.tar.gz) = 2425903
+SHA256 (bugzilla/bugzilla-4.2.7.tar.gz) = c2350e02e287f10dc21d7a1813d5311d84804fb1f3418d4ef5c7e335458fc189
+SIZE (bugzilla/bugzilla-4.2.7.tar.gz) = 2964784

Modified: head/devel/bugzilla42/pkg-plist
==============================================================================
--- head/devel/bugzilla42/pkg-plist	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla42/pkg-plist	Thu Oct 17 19:35:22 2013	(r330666)
@@ -179,7 +179,7 @@
 %%PORTDOCS%%%%DOCSDIR%%/en/images/note.gif
 %%PORTDOCS%%%%DOCSDIR%%/en/images/tip.gif
 %%PORTDOCS%%%%DOCSDIR%%/en/images/warning.gif
-@comment %%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
+%%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
 %%PORTDOCS%%%%DOCSDIR%%/en/rel_notes.txt
 %%PORTDOCS%%%%DOCSDIR%%/en/txt/Bugzilla-Guide.txt
 %%PORTDOCS%%%%DOCSDIR%%/en/xml/Bugzilla-Guide.xml
@@ -987,6 +987,8 @@
 @dirrmtry %%WWWDIR%%/js/history.js
 @dirrmtry %%WWWDIR%%/js
 @dirrm %%WWWDIR%%/images
+@dirrmtry %%WWWDIR%%/graphs
+@dirrmtry %%WWWDIR%%/data
 %%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
 %%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
 @dirrmtry %%WWWDIR%%/contrib
@@ -1014,8 +1016,6 @@
 @dirrm %%WWWDIR%%/Bugzilla/Auth
 @dirrm %%WWWDIR%%/Bugzilla/Attachment
 @dirrmtry %%WWWDIR%%/Bugzilla
-@dirrmtry %%WWWDIR%%/data
-@dirrmtry %%WWWDIR%%/graphs
 @dirrmtry %%WWWDIR%%
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTML
@@ -1048,9 +1048,3 @@
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/en
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
-@exec mkdir -p %D/%%WWWDIR%%/xt
-@exec mkdir -p %D/%%WWWDIR%%/t
-@exec mkdir -p %D/%%WWWDIR%%/lib
-@exec mkdir -p %D/%%WWWDIR%%/graphs
-@exec mkdir -p %D/%%WWWDIR%%/data
-@exec mkdir -p %D/%%WWWDIR%%/contrib

Modified: head/devel/bugzilla44/Makefile
==============================================================================
--- head/devel/bugzilla44/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla44/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	bugzilla
-PORTVERSION=	4.4
+PORTVERSION=	4.4.1
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_MOZILLA}
 MASTER_SITE_SUBDIR=	webtools webtools/archived
@@ -25,8 +25,6 @@ RUN_DEPENDS=	\
 		p5-TimeDate>=1.19:${PORTSDIR}/devel/p5-TimeDate \
 		p5-URI>=1.37:${PORTSDIR}/net/p5-URI
 
-LATEST_LINK=	bugzilla44
-
 USES=		perl5
 USE_PERL5=	patch build run
 
@@ -47,8 +45,6 @@ EMPTY_DIRS_LIST=data graphs contrib lib 
 USE_APACHE_RUN=	22+
 .endif
 
-.include <bsd.port.pre.mk>
-
 .if ${PORT_OPTIONS:MMYSQL}
 USE_MYSQL=	yes
 RUN_DEPENDS+=	p5-DBD-mysql>=4.0001:${PORTSDIR}/databases/p5-DBD-mysql
@@ -175,6 +171,8 @@ post-patch:
 	@${FIND} ${WRKSRC} \( -name "CVS" -or -name ".cvsignore" -or -name "*.orig" \
 		-or -name "*.bak" -or -name ".bzr*" -or -name "README.docs" \) \
 		| ${XARGS} ${RM} -rf
+# empty leftover	
+	@${RM} ${WRKSRC}/docs/en/html/Bugzilla-Guide.proc
 
 do-install:	.SILENT
 	${MKDIR} ${STAGEDIR}${WWWDIR}
@@ -198,4 +196,4 @@ do-install:	.SILENT
 		${FIND} . -type f -exec ${INSTALL_DATA} "{}" "${STAGEDIR}${WWWDIR}/contrib/{}" \;
 .endif
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

Modified: head/devel/bugzilla44/Makefile.common
==============================================================================
--- head/devel/bugzilla44/Makefile.common	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla44/Makefile.common	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,8 +1,10 @@
 # $FreeBSD$
 
 DIST_SUBDIR=	${PORTNAME}
+PKGNAMESUFFIX=	44
 
 CONFLICTS_INSTALL=	\
+		bugzilla4[^4].* \
 		bugzilla-4.[^4].*
 
 PORTSCOUT=	limitw:1,even

Modified: head/devel/bugzilla44/distinfo
==============================================================================
--- head/devel/bugzilla44/distinfo	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla44/distinfo	Thu Oct 17 19:35:22 2013	(r330666)
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.4.tar.gz) = 709e1b07ca23a91fbf5fb3d34645a8b574af39034b216daa1811effd02ebd72e
-SIZE (bugzilla/bugzilla-4.4.tar.gz) = 2441533
+SHA256 (bugzilla/bugzilla-4.4.1.tar.gz) = cc63513b98f7f0a523c58c642554ec72ee1e941f7d13c306e2e8c7e4cceeb428
+SIZE (bugzilla/bugzilla-4.4.1.tar.gz) = 2966058

Modified: head/devel/bugzilla44/pkg-plist
==============================================================================
--- head/devel/bugzilla44/pkg-plist	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/devel/bugzilla44/pkg-plist	Thu Oct 17 19:35:22 2013	(r330666)
@@ -183,7 +183,7 @@
 %%PORTDOCS%%%%DOCSDIR%%/en/images/note.gif
 %%PORTDOCS%%%%DOCSDIR%%/en/images/tip.gif
 %%PORTDOCS%%%%DOCSDIR%%/en/images/warning.gif
-@comment %%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
+%%PORTDOCS%%%%DOCSDIR%%/en/pdf/Bugzilla-Guide.pdf
 %%PORTDOCS%%%%DOCSDIR%%/en/rel_notes.txt
 %%PORTDOCS%%%%DOCSDIR%%/en/txt/Bugzilla-Guide.txt
 %%PORTDOCS%%%%DOCSDIR%%/en/xml/Bugzilla-Guide.xml
@@ -999,6 +999,8 @@
 @dirrmtry %%WWWDIR%%/js/history.js
 @dirrmtry %%WWWDIR%%/js
 @dirrm %%WWWDIR%%/images
+@dirrmtry %%WWWDIR%%/graphs
+@dirrmtry %%WWWDIR%%/data
 %%CONTRIB%%@dirrm %%WWWDIR%%/contrib/cmdline
 %%CONTRIB%%@dirrm %%WWWDIR%%/contrib/bugzilla-submit
 @dirrmtry %%WWWDIR%%/contrib
@@ -1027,8 +1029,6 @@
 @dirrm %%WWWDIR%%/Bugzilla/Auth
 @dirrm %%WWWDIR%%/Bugzilla/Attachment
 @dirrmtry %%WWWDIR%%/Bugzilla
-@dirrmtry %%WWWDIR%%/data
-@dirrmtry %%WWWDIR%%/graphs
 @dirrmtry %%WWWDIR%%
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/xsl
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/lib/Pod/Simple/HTMLBatch
@@ -1062,10 +1062,3 @@
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/en/html
 %%PORTDOCS%%@dirrm %%DOCSDIR%%/en
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
-@exec mkdir -p %D/%%WWWDIR%%/xt
-@exec mkdir -p %D/%%WWWDIR%%/t
-@exec mkdir -p %D/%%WWWDIR%%/lib
-@exec mkdir -p %D/%%WWWDIR%%/graphs
-@exec mkdir -p %D/%%WWWDIR%%/data
-@exec mkdir -p %D/%%WWWDIR%%/contrib
-%%PORTDOCS%%@exec mkdir -p %D/%%DOCSDIR%%/en/pdf

Modified: head/german/Makefile
==============================================================================
--- head/german/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/german/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,7 +11,7 @@
     SUBDIR += bsdforen-firefox-searchplugin
     SUBDIR += bsdgroup-firefox-searchplugin
     SUBDIR += bsdpaste
-    SUBDIR += bugzilla
+    SUBDIR += bugzilla40
     SUBDIR += bugzilla42
     SUBDIR += bugzilla44
     SUBDIR += calligra-l10n

Modified: head/german/bugzilla40/Makefile
==============================================================================
--- head/german/bugzilla/Makefile	Thu Oct 17 18:49:09 2013	(r330663)
+++ head/german/bugzilla40/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -10,9 +10,7 @@ DISTNAME=	germzilla-${PORTVERSION}-1.utf
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	German localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
-
-LATEST_LINK=	${PKGNAMEPREFIX}bugzilla
+RUN_DEPENDS=	bugzilla40>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
 
 NO_WRKSUBDIR=	yes
 

Modified: head/german/bugzilla42/Makefile
==============================================================================
--- head/german/bugzilla42/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/german/bugzilla42/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -10,9 +10,7 @@ DISTNAME=	germzilla-${PORTVERSION}-1.utf
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	German localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
-
-LATEST_LINK=	${PKGNAMEPREFIX}bugzilla42
+RUN_DEPENDS=	bugzilla42>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
 
 NO_WRKSUBDIR=	yes
 

Modified: head/german/bugzilla44/Makefile
==============================================================================
--- head/german/bugzilla44/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/german/bugzilla44/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,9 +11,7 @@ DISTNAME=	germzilla-${PORTVERSION}-1.utf
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	German localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
-
-LATEST_LINK=	${PKGNAMEPREFIX}bugzilla44
+RUN_DEPENDS=	bugzilla44>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
 
 NO_WRKSUBDIR=	yes
 

Modified: head/japanese/Makefile
==============================================================================
--- head/japanese/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/japanese/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -25,7 +25,7 @@
     SUBDIR += awffull
     SUBDIR += bible_names-fpw
     SUBDIR += bookview
-    SUBDIR += bugzilla
+    SUBDIR += bugzilla40
     SUBDIR += bugzilla42
     SUBDIR += bugzilla44
     SUBDIR += calligra-l10n

Modified: head/japanese/bugzilla40/Makefile
==============================================================================
--- head/japanese/bugzilla/Makefile	Thu Oct 17 18:57:57 2013	(r330664)
+++ head/japanese/bugzilla40/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,7 +11,7 @@ DISTNAME=	Bugzilla-ja-${PORTVERSION}-tem
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	Japanese localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
+RUN_DEPENDS=	bugzilla40>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla40
 
 NO_WRKSUBDIR=	yes
 

Modified: head/japanese/bugzilla42/Makefile
==============================================================================
--- head/japanese/bugzilla42/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/japanese/bugzilla42/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,9 +11,7 @@ DISTNAME=	Bugzilla-ja-${PORTVERSION}-tem
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	Japanese localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
-
-LATEST_LINK=	${PKGNAMEPREFIX}bugzilla42
+RUN_DEPENDS=	bugzilla42>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
 
 NO_WRKSUBDIR=	yes
 

Modified: head/japanese/bugzilla44/Makefile
==============================================================================
--- head/japanese/bugzilla44/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/japanese/bugzilla44/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -11,9 +11,7 @@ DISTNAME=	Bugzilla-ja-${PORTVERSION}-tem
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	Japanese localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
-
-LATEST_LINK=	${PKGNAMEPREFIX}bugzilla44
+RUN_DEPENDS=	bugzilla44>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla44
 
 NO_WRKSUBDIR=	yes
 

Modified: head/russian/Makefile
==============================================================================
--- head/russian/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/russian/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -6,7 +6,7 @@
     SUBDIR += MT
     SUBDIR += artwiz-ru
     SUBDIR += aspell
-    SUBDIR += bugzilla
+    SUBDIR += bugzilla40
     SUBDIR += bugzilla42
     SUBDIR += calligra-l10n
     SUBDIR += d1489

Modified: head/russian/bugzilla40/Makefile
==============================================================================
--- head/russian/bugzilla/Makefile	Thu Oct 17 18:49:09 2013	(r330663)
+++ head/russian/bugzilla40/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -10,7 +10,7 @@ DISTNAME=	bugzilla-${PORTVERSION}-ru-201
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	Russian localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla
+RUN_DEPENDS=	bugzilla40>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla40
 
 WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}.ru
 

Modified: head/russian/bugzilla42/Makefile
==============================================================================
--- head/russian/bugzilla42/Makefile	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/russian/bugzilla42/Makefile	Thu Oct 17 19:35:22 2013	(r330666)
@@ -10,14 +10,12 @@ DISTNAME=	bugzilla-${PORTVERSION}-ru-201
 MAINTAINER=	bugzilla@FreeBSD.org
 COMMENT=	Russian localization for Bugzilla
 
-RUN_DEPENDS=	bugzilla>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
+RUN_DEPENDS=	bugzilla42>=${PORTVERSION}:${PORTSDIR}/devel/bugzilla42
 
 WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}.ru
 
 .include "${.CURDIR}/../../devel/bugzilla42/Makefile.common"
 
-LATEST_LINK=	${PKGNAMEPREFIX}bugzilla42
-
 do-install:
 	${MKDIR} ${STAGEDIR}${WWWDIR}
 	(cd ${WRKSRC}/ && ${PAX} -r -w * ${STAGEDIR}${WWWDIR})

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Thu Oct 17 19:22:58 2013	(r330665)
+++ head/security/vuxml/vuln.xml	Thu Oct 17 19:35:22 2013	(r330666)
@@ -51,6 +51,67 @@ Note:  Please add new entries to the beg
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="e135f0c9-375f-11e3-80b7-20cf30e32f6d">
+    <topic>bugzilla -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>bugzilla</name>
+	<name>bugzilla40</name>
+	<name>bugzilla42</name>
+	<name>bugzilla44</name>
+	<range><ge>4.0.0</ge><lt>4.0.11</lt></range>
+	<range><ge>4.2.0</ge><lt>4.2.7</lt></range>
+	<range><ge>4.4</ge><lt>4.4.1</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<h1>A Bugzilla Security Advisory reports:</h1>
+	<blockquote cite="http://www.bugzilla.org/security/4.0.10/">;
+	  <h1>Cross-Site Request Forgery</h1>
+	  <p>When a user submits changes to a bug right after another
+	    user did, a midair collision page is displayed to inform
+	    the user about changes recently made. This page contains
+	    a token which can be used to validate the changes if the
+	    user decides to submit his changes anyway. A regression
+	    in Bugzilla 4.4 caused this token to be recreated if a
+	    crafted URL was given, even when no midair collision page
+	    was going to be displayed, allowing an attacker to bypass
+	    the token check and abuse a user to commit changes on his
+	    behalf.</p>
+	  <h1>Cross-Site Request Forgery</h1>
+	  <p>When an attachment is edited, a token is generated to
+	    validate changes made by the user. Using a crafted URL,
+	    an attacker could force the token to be recreated,
+	    allowing him to bypass the token check and abuse a user
+	  to commit changes on his behalf.</p>
+	  <h1>Cross-Site Scripting</h1>
+	  <p>Some parameters passed to editflagtypes.cgi were not
+	    correctly filtered in the HTML page, which could lead
+	    to XSS.</p>
+	  <h1>Cross-Site Scripting</h1>
+	  <p>Due to an incomplete fix for CVE-2012-4189, some
+	    incorrectly filtered field values in tabular reports
+	    could lead to XSS.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2013-1733</cvename>
+      <url>https://bugzilla.mozilla.org/show_bug.cgi?id=911593</url>;
+      <cvename>CVE-2013-1734</cvename>
+      <url>https://bugzilla.mozilla.org/show_bug.cgi?id=913904</url>;
+      <cvename>CVE-2013-1742</cvename>
+      <url>https://bugzilla.mozilla.org/show_bug.cgi?id=924802</url>;
+      <cvename>CVE-2013-1743</cvename>
+      <url>https://bugzilla.mozilla.org/show_bug.cgi?id=924932</url>;
+    </references>
+    <dates>
+      <discovery>2013-10-16</discovery>
+      <entry>2013-10-17</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="8c9b48d1-3715-11e3-a624-00262d8b701d">
     <topic>dropbear -- exposure of sensitive information, DoS</topic>
     <affects>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201310171935.r9HJZMGv094248>