../
|
moinmoin/
|
10021
(13 years ago)
by laffer1:
Update to 1.9.3.
XSS by unescaped content emitted by theme.add_msg (CVE-2010-2487). Affected: likely all up to 1.9.2
fix XSS in template parameter
fix another potential XSS issue
fix more potential XSS issues
The portion of the above that patches MoinMoin/action/RenamePage.py has two problems
It doesn't apply directly to the 1.9.2 base because of other changes.
Use this diff made against 1.9.2 for applying to 1.9.2 installation: http://paste.pocoo.org/show/221927/ -- EugeneSyromyatnikov 2010-06-04 15:27:17
It contains an extraneous merge artifact ">>>>>>> other".
This issue (excuse me for my fault) fixed in http://hg.moinmo.in/moin/1.9/rev/60fde500cbc2 -- EugeneSyromyatnikov 2010-06-04 15:27:17
There is another problem with the above patch. The patch to MoinMoin/action/login.py does not import wikiutil and at least the 1.9.2 base does not have that import. -- MarkSapiro 2010-06-06 02:36:20
f8871116c6b3 -- EugeneSyromyatnikov 2010-06-06 05:38:08
fix XSS in Despam action (CVE-2010-0828) - thanks to Jamie Strandboge (Ubuntu) for fixing
To avoid the issue, please be careful when using Despam action (it is only available for superuser) - please check the page names of the pages to despam first. If they look strange (like containing javascript or html), then don't use Despam to clean them up. If you don't need Despam, you could of course also use actions_excluded to completely disable it.
Fixes security issues of moin 1.9.1:
1.9.2 fixes CVE-2010-0669.
1.9.2 fixes CVE-2010-0668 (and also CVE-2010-0717 which is just another sub-issue of the same issue)
|
dojo/
|
10023
(13 years ago)
by laffer1:
Update dojo js library to 1.5.0.
http://docs.dojocampus.org/releasenotes/1.5
|
linux-flock/
|
10110
(13 years ago)
by laffer1:
update to 2.6.0
|
firefox-remote/
|
10173
(13 years ago)
by laffer1:
rmd160
|
joomla15/
|
10213
(13 years ago)
by laffer1:
update to 1.5.22. The dist site isn't working right so we're falling back now to the midnightbsd ftp server. I don't like that, but with the sql injection troubles it's better to update joomla than not.
|
nanoblogger/
|
10214
(13 years ago)
by laffer1:
Update to 3.4.2
|
linux-flashplugin9/
|
10224
(13 years ago)
by laffer1:
update to r283
|
pmwiki/
|
10279
(13 years ago)
by laffer1:
fix config file installation
|
cherokee/
|
10333
(13 years ago)
by laffer1:
update to 1.0.6
|
p5-CGI.pm/
|
10389
(13 years ago)
by laffer1:
update to 3.5. This fixes a security issue.
|
mod_dnssd/
|
10434
(13 years ago)
by laffer1:
mark broken
|
browser3/
|
10498
(13 years ago)
by laffer1:
Don't use system nss anymore... it's too new
|
pecl-APC/
|
10597
(13 years ago)
by laffer1:
3.1.6
|
epiphany-extensions/
|
10652
(13 years ago)
by laffer1:
go ancient.
|
fcgi/
|
10716
(13 years ago)
by laffer1:
autotools update
|
seamonkey/
|
10716
(13 years ago)
by laffer1:
autotools update
|
kdewebdev/
|
10716
(13 years ago)
by laffer1:
autotools update
|
libwww/
|
10716
(13 years ago)
by laffer1:
autotools update
|
bookmarkbridge/
|
10716
(13 years ago)
by laffer1:
autotools update
|
privoxy/
|
10716
(13 years ago)
by laffer1:
autotools update
|
lighttpd/
|
10716
(13 years ago)
by laffer1:
autotools update
|
libgtkhtml/
|
10716
(13 years ago)
by laffer1:
autotools update
|
tomcat6/
|
10730
(13 years ago)
by laffer1:
6.0.32
|
tidy-devel/
|
10808
(13 years ago)
by laffer1:
fixup
|
youtube_dl/
|
10880
(13 years ago)
by laffer1:
2011.03.29
|
aria2/
|
10882
(13 years ago)
by laffer1:
Update to 1.10.6. This is still not the latest but it's much closer.
|
mod_perl2/
|
11106
(13 years ago)
by laffer1:
update patch files and move pkg-message
|
mediawiki/
|
11129
(13 years ago)
by laffer1:
oops.. latest is 1.16.5
|
apache22/
|
11245
(13 years ago)
by laffer1:
add missing patchset
|
p5-HTML-Mason/
|
11298
(13 years ago)
by laffer1:
Upgrade Mason port to 1.45
|
tomcat55/
|
11416
(13 years ago)
by laffer1:
5.5.33
|
chromium/
|
11425
(13 years ago)
by laffer1:
add depends on p5-Switch for newer perl versions
|
neon29/
|
11428
(13 years ago)
by laffer1:
add neon29, remove neon26 as nothing depends on it. neon28 will go away soon too
|
browser35/
|
11438
(13 years ago)
by laffer1:
make jobs safe, fix plist issue
|
linux-f10-flashplugin10/
|
11509
(13 years ago)
by laffer1:
flash 10
|
linux-seamonkey/
|
11541
(13 years ago)
by laffer1:
add pkgnamesuffix so that firefox devel works properly
|
webkit-gtk2/
|
11555
(13 years ago)
by laffer1:
1.2.7
|
midori/
|
11556
(13 years ago)
by laffer1:
Midori 0.3.3.. now that we have updated webkit
|
linux-firefox36/
|
11557
(13 years ago)
by laffer1:
3.6.18 works on f10.. lets do it
|
linux-firefox-devel/
|
11557
(13 years ago)
by laffer1:
3.6.18 works on f10.. lets do it
|
gtkhtml3/
|
11558
(13 years ago)
by laffer1:
3.32.1
|
epiphany/
|
11563
(13 years ago)
by laffer1:
2.30.6
|
opera/
|
11568
(13 years ago)
by laffer1:
11.10. Security update
|
etoile-bookmarkkit/
|
3472
(16 years ago)
by ctriv:
Bump portrevision on all GNUStep ports.
|
etoile-rsskit/
|
3472
(16 years ago)
by ctriv:
Bump portrevision on all GNUStep ports.
|
retsina/
|
3515
(16 years ago)
by laffer1:
*** empty log message ***
|
linux-nvu/
|
4643
(16 years ago)
by laffer1:
Add license. There is still an issue on magus after the recent changes that needs looking into
|
polipo/
|
4856
(16 years ago)
by laffer1:
This should fix the fake errors found on magus
|
php5-session/
|
494
(17 years ago)
by laffer1:
Add php5-session
|
php5-tidy/
|
497
(17 years ago)
by laffer1:
Add php5 tidy
|
p5-HTML-Tagset/
|
5438
(16 years ago)
by laffer1:
update to 3.20
|
tidy/
|
5439
(16 years ago)
by laffer1:
add license.
|
selfhtml-de/
|
5491
(16 years ago)
by laffer1:
selfhtml was moved from german category.
|
links1/
|
5538
(16 years ago)
by stevan:
Added LICENSE=
|
linux-flashplugin7/
|
5571
(16 years ago)
by laffer1:
This port was creating a plist automagically. However, it was not creating the symlinks properly outside the fake environment. THat's why flash broke when a user make clean this port.
Now the plist is created to pickup the symlinks in the fake dir. I'm not certain this will work without nspluginwrapper, but most people will want that anyway. If that's the case, we should probably just require it.
|
linux-mozilla/
|
5729
(16 years ago)
by laffer1:
Add license. We should consider getting rid of mozilla ports as they are very insecure at this point.
|
p5-HTML-Tree/
|
5978
(16 years ago)
by laffer1:
license
|
nspluginwrapper/
|
6466
(15 years ago)
by laffer1:
update to 1.0, add new paths for /usr/local instead of /usr/X11R6
|
p5-HTML-Table/
|
6503
(15 years ago)
by laffer1:
update to 2.08a
|
p5-HTML-Pager/
|
6504
(15 years ago)
by laffer1:
add license
|
p5-HTML-Breadcrumbs/
|
6505
(15 years ago)
by laffer1:
add license, CPAN macro
|
p5-HTML-Encoding/
|
6584
(15 years ago)
by laffer1:
add p5-HTML-Encoding
|
p5-HTML-Template/
|
6612
(15 years ago)
by laffer1:
Make this work with perl 5.10
|
p5-Template-GD/
|
6619
(15 years ago)
by laffer1:
remove packlist
|
p5-HTTP-DAV/
|
6679
(15 years ago)
by crash:
add license
|
etoile-mollusk/
|
6680
(15 years ago)
by crash:
add license
|
gnustep-ticker/
|
6787
(15 years ago)
by laffer1:
update for newer gnustep
|
kdewebdev4/
|
7060
(15 years ago)
by ctriv:
Added kdewebdev-4.1.3
|
linux-firefox/
|
7094
(15 years ago)
by laffer1:
firefox 2.0.0.20
|
linux-opera/
|
7358
(15 years ago)
by laffer1:
update to 9.64
|
weblint/
|
7759
(15 years ago)
by laffer1:
rmd160
|
validator/
|
7760
(15 years ago)
by laffer1:
update to 0.8.5
|
tidy-lib/
|
7762
(15 years ago)
by laffer1:
cleanup
|
thttpd/
|
7763
(15 years ago)
by laffer1:
minimize conflicts with apache
|
epiphany-webkit/
|
8137
(15 years ago)
by laffer1:
cleanup
|
p5-Template-Toolkit/
|
8541
(14 years ago)
by laffer1:
update to 2.22
|
spawn-fcgi/
|
8548
(14 years ago)
by laffer1:
add spawn-fcgi for lighttpd.
|
webserver/
|
8551
(14 years ago)
by laffer1:
update to 1.3.0
|
webservices/
|
8554
(14 years ago)
by laffer1:
GNUstep webservices library. This looks VERY interesting.
|
squid/
|
8557
(14 years ago)
by laffer1:
update to 2.7.7 (big update)
|
qt4-webkit/
|
9108
(14 years ago)
by laffer1:
update to qt4.5
|
lynx/
|
9141
(14 years ago)
by laffer1:
on second thought, update this to 2.8.7rel1
|
p5-CGI-Ajax/
|
9143
(14 years ago)
by laffer1:
fix master site
|
p5-HTML-Parser/
|
9145
(14 years ago)
by laffer1:
3.64
|
p5-HTML-Scrubber/
|
9146
(14 years ago)
by laffer1:
mark jobs safe
|
awstats/
|
9189
(14 years ago)
by laffer1:
remove dead patch
|
mod_fastcgi/
|
9231
(14 years ago)
by laffer1:
default to apache 2.2
|
zend-framework/
|
9284
(14 years ago)
by laffer1:
update to 1.9.3
|
linuxpluginwrapper/
|
9422
(14 years ago)
by laffer1:
mark ignore on current since it doesn't support versioning
|
furl/
|
9522
(14 years ago)
by laffer1:
mark jobs safe. dist site seems to be down now, but there are many links.. might be temporary
|
links/
|
9523
(14 years ago)
by laffer1:
Update to 2.2
|
analog/
|
9569
(14 years ago)
by laffer1:
png.6
|
dillo/
|
9606
(14 years ago)
by laffer1:
png 1.4.1 fix
|
bluefish/
|
9647
(14 years ago)
by laffer1:
patches are good
|
bozohttpd/
|
9649
(14 years ago)
by laffer1:
update to 20090522
|
dummyflash/
|
9651
(14 years ago)
by laffer1:
use webplugins framework
|
eaccelerator/
|
9653
(14 years ago)
by laffer1:
remove rc
|
google-sitemapgen/
|
9656
(14 years ago)
by laffer1:
update to google-sitemapgen-1.5
|
linux-mplayer-plugin/
|
9657
(14 years ago)
by laffer1:
let's do a version bump here
|
man2web/
|
9658
(14 years ago)
by laffer1:
make jobs safe, fix dist site
|
evolution-webcal/
|
9888
(14 years ago)
by laffer1:
add evolution-webcal
|
p5-libwww/
|
9905
(14 years ago)
by laffer1:
Update to 5.836.
http://cpansearch.perl.org/src/GAAS/libwww-perl-5.836/Changes
|
gnome-user-share/
|
9942
(14 years ago)
by laffer1:
add gnome-user-share
|
Makefile
|
11509
(13 years ago)
by laffer1:
flash 10
|