Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 1 May 2005 22:11:01 GMT
From:      Gerrit Beine <tux@pinguru.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/80518: Update port: www/mediawiki
Message-ID:  <200505012211.j41MB10F076558@www.freebsd.org>
Resent-Message-ID: <200505012220.j41MK2X0085241@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         80518
>Category:       ports
>Synopsis:       Update port: www/mediawiki
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 01 22:20:01 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Gerrit Beine
>Release:        FreeBSD 5.3-RELEASE
>Organization:
pitcom GmbH
>Environment:
FreeBSD asus.site 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 12 23:43:33 CET 2004     root@asus.site:/usr/src/sys/i386/compile/ASUS  i386

>Description:
Update to the current version 1.3.12:

MediaWiki 1.3.12 is a security maintenance release.

A cross-site scripting injection vulnerability was discovered, which affects only MSIE clients and is only open if MediaWiki has been manually configured to run output through HTML Tidy ($wgUseTidy).


>How-To-Repeat:
      
>Fix:
diff -Nur /usr/ports/www/mediawiki/Makefile mediawiki/Makefile
--- /usr/ports/www/mediawiki/Makefile	Tue Mar  8 10:16:34 2005
+++ mediawiki/Makefile	Mon May  2 00:03:46 2005
@@ -6,8 +6,7 @@
 #
 
 PORTNAME=	mediawiki
-PORTVERSION=	1.3.11
-PORTREVISION=	1
+PORTVERSION=	1.3.12
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	wikipedia
@@ -16,9 +15,30 @@
 COMMENT=	The wiki enginge used by Wikipedia
 
 NO_BUILD=	yes
-USE_PHP=	mysql session zlib
+USE_PHP=	iconv mbstring pcre session xml zlib imagick readline
 WANT_PHP_WEB=	yes
 MEDIAWIKIDIR?=	www/data-dist/mediawiki
+
+OPTIONS=	PGSQL "Use PostgreSQL instead of MySQL" off \
+		LDAP "Use LDAP authentication" off
+
+PORT_DBDIR?=	/var/db/ports
+LATEST_LINK=	${PORTNAME}
+OPTIONSFILE?=	${PORT_DBDIR}/${LATEST_LINK}/options
+
+.if exists(${OPTIONSFILE})
+.include "${OPTIONSFILE}"
+.endif
+
+.if defined(WITH_PGSQL)
+USE_PHP+=	pgsql
+.else
+USE_PHP+=	mysql
+.endif
+
+.if defined(WITH_LDAP)
+USE_PHP+=	ldap
+.endif
 
 do-install:
 	-${MKDIR} ${PREFIX}/${MEDIAWIKIDIR}
diff -Nur /usr/ports/www/mediawiki/distinfo mediawiki/distinfo
--- /usr/ports/www/mediawiki/distinfo	Fri Mar  4 10:18:15 2005
+++ mediawiki/distinfo	Mon May  2 00:04:30 2005
@@ -1,2 +1,2 @@
-MD5 (mediawiki-1.3.11.tar.gz) = 33f17f1347934d5cb36f81f9215e734f
-SIZE (mediawiki-1.3.11.tar.gz) = 1577145
+MD5 (mediawiki-1.3.12.tar.gz) = 97003e0860cf05075dd84efdb675defb
+SIZE (mediawiki-1.3.12.tar.gz) = 1577784
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505012211.j41MB10F076558>