Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id E582C63B955 for ; Mon, 10 Oct 2011 18:05:39 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id B824214A14F; Mon, 10 Oct 2011 18:05:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 774C614A14C for ; Mon, 10 Oct 2011 18:05:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id hnkWwDE3JtUx for ; Mon, 10 Oct 2011 18:05:35 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id D3B1914A14A for ; Mon, 10 Oct 2011 18:05:35 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id C0A5D175DD; Mon, 10 Oct 2011 18:05:35 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Mon, 10 Oct 2011 18:05:35 +0000 From: "Matthias Scheler" Subject: CVS commit: [pkgsrc-2011Q3] pkgsrc/www To: pkgsrc-changes@NetBSD.org Reply-To: tron@netbsd.org X-Mailer: log_accum Message-Id: <20111010180535.C0A5D175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: tron Date: Mon Oct 10 18:05:35 UTC 2011 Modified Files: pkgsrc/www/contao [pkgsrc-2011Q3]: Makefile.common pkgsrc/www/contao210 [pkgsrc-2011Q3]: Makefile distinfo Removed Files: pkgsrc/www/contao210/patches [pkgsrc-2011Q3]: patch-system_modules_frontend_Frontend.php Log Message: Pullup ticket #3552 - requested by taca www/contao210: security update Revisions pulled up: - www/contao/Makefile.common 1.4 - www/contao210/Makefile 1.4 - www/contao210/distinfo 1.4 - www/contao210/patches/patch-system_modules_frontend_Frontend.php deleted --- Module Name: pkgsrc Committed By: taca Date: Mon Oct 10 16:33:00 UTC 2011 Modified Files: pkgsrc/www/contao: Makefile.common pkgsrc/www/contao210: Makefile distinfo Removed Files: pkgsrc/www/contao210/patches: patch-system_modules_frontend_Frontend.php Log Message: Update contao210 package to 2.10.2. It is really fix the XSS problem. Version 2.10.2 (2011-10-10) --------------------------- - Updated: updated TinyMCE to version 3.4.6 - Fixed: do not remove slashes just because get_magic_quotes_gpc() exists - Fixed: CSS units were not always applied when used with global variables (#3464) - Fixed: the task deadline field did not show the date picker (#3351) - Fixed: do not return empty lines in the compileDefinition hook (#3440) - Fixed: the TinyMCE spellchecker did not work anymore (#3487) - Fixed: the regexp for validating phone numbers accepted invalid values (#3493) - Fixed: added the new HTML5 elements to the valid TinyMCE tags (#3479) - Fixed: the style sheet generator did not support absolute URLs (#3512) - Fixed: fixed a potential XSS vulnerability (thanks to sschurtz) - Fixed a few minor issues To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.2.1 pkgsrc/www/contao/Makefile.common cvs rdiff -u -r1.2.2.1 -r1.2.2.2 pkgsrc/www/contao210/Makefile \ pkgsrc/www/contao210/distinfo cvs rdiff -u -r1.1.2.2 -r0 \ pkgsrc/www/contao210/patches/patch-system_modules_frontend_Frontend.php Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.