Date: Mon, 28 Nov 2005 07:30:34 +0000 (UTC) From: Sergey Matveychuk <sem@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/www/joomla Makefile distinfo pkg-plist Message-ID: <200511280730.jAS7UZ9x056851@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
sem 2005-11-28 07:30:34 UTC
FreeBSD ports repository
Modified files:
www/joomla Makefile distinfo pkg-plist
Log:
- Update to 1.0.4
It fixes 6 Security Vunerabilities:
Critical Level Threats
Potentional XSS injection through GET and other variables
- Affects all previous versions of Joomla! and Mambo 4.5.2.3
Hardened SEF against XSS injection
- Affects all previous versions of Joomla! and Mambo 4.5.2.3
Low Level Threats
Potential SQL injection in Polls modules through the Itemid variable
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Potential SQL injection in several methods in mosDBTable class
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Potential misuse of Media component file management functions
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Add search limit param (default of 50) to `Search` Mambots to prevent search flooding
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
PR: ports/89596
Submitted by: Francisco Alves Cabrita (maintainer)
Revision Changes Path
1.2 +3 -3 ports/www/joomla/Makefile
1.2 +3 -2 ports/www/joomla/distinfo
1.2 +10 -8 ports/www/joomla/pkg-plist
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200511280730.jAS7UZ9x056851>