---
- branch: MAIN
  date: Mon Feb  3 15:20:39 UTC 2014
  files:
  - new: '1.56'
    old: '1.55'
    path: pkgsrc/www/contao/Makefile.common
    pathrev: pkgsrc/www/contao/Makefile.common@1.56
    type: modified
  - new: '1.19'
    old: '1.18'
    path: pkgsrc/www/contao211/distinfo
    pathrev: pkgsrc/www/contao211/distinfo@1.19
    type: modified
  id: 20140203T152039Z.7dc04000476ccb4fd031c348fb0fabe999cfc7db
  log: |
    Update contao211 package to 2.11.14, fix for CVE-2014-1860.

    Version 2.11.14 (2014-02-03)
    ----------------------------

    ### Fixed
    Do not pass POST data to the `deserialize()` function, so it is not vulnerable
    to PHP object injection. Thanks to Pedro Ribeiro for his input (see #6695).
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www'
  unixtime: '1391440839'
  user: taca