Mon Apr 20 09:28:28 2009 UTC ()
Updated devel/bugzilla3 to 3.2.3

Security fix:
 * Attachment editing was vulnerable to a cross-site request forgery.
   Note that this issue was only fixed for 3.2.3 and 3.3.4 even though
   all versions of Bugzilla are affected (see below for an explanation).

bug fixes:
 * Bugzilla is now compatible with MySQL 5.1.x versions 5.1.31
   and greater. (Bug 480001)
 * On Windows, Bugzilla sometimes would send mangled emails (that
   would often fail to send). (Bug 467920)
 * recode.pl would sometimes crash when trying to convert databases
   from older versions of Bugzilla. (Bug 431201)
 * Running a saved search with Unicode characters in its name would
   cause Bugzilla to crash. (Bug 477513)
 * Bugzilla clients like Mylyn can now update bugs again (the bug
   XML format now contains a "token" element that can be used when
   updating a bug). (Bug 476678)
 * For installations using the shadowdb parameter, Bugzilla was
   accidentally writing to the "tokens" table in the shadow database
   (instead of the master database) when using the "Change Several
   Bugs at Once" page. (Bug 476943)


(abs)
diff -r1.13 -r1.14 pkgsrc/devel/bugzilla3/Makefile
diff -r1.7 -r1.8 pkgsrc/devel/bugzilla3/distinfo

cvs diff -r1.13 -r1.14 pkgsrc/devel/bugzilla3/Makefile (switch to unified diff)

--- pkgsrc/devel/bugzilla3/Makefile 2009/02/13 20:41:33 1.13
+++ pkgsrc/devel/bugzilla3/Makefile 2009/04/20 09:28:28 1.14
@@ -1,106 +1,106 @@ @@ -1,106 +1,106 @@
1# $NetBSD: Makefile,v 1.13 2009/02/13 20:41:33 abs Exp $ 1# $NetBSD: Makefile,v 1.14 2009/04/20 09:28:28 abs Exp $
2# 2#
3 3
4DISTNAME= bugzilla-3.2.2 4DISTNAME= bugzilla-3.2.3
5CATEGORIES= www devel 5CATEGORIES= www devel
6MASTER_SITES= ${MASTER_SITE_MOZILLA_ALL:=webtools/} 6MASTER_SITES= ${MASTER_SITE_MOZILLA_ALL:=webtools/}
7 7
8MAINTAINER= adrianp@NetBSD.org 8MAINTAINER= adrianp@NetBSD.org
9HOMEPAGE= http://www.bugzilla.org/ 9HOMEPAGE= http://www.bugzilla.org/
10COMMENT= Web based bug tracking system 10COMMENT= Web based bug tracking system
11 11
12DEPENDS+= p5-CGI>=3.21:../../www/p5-CGI 12DEPENDS+= p5-CGI>=3.21:../../www/p5-CGI
13DEPENDS+= p5-DBI>=1.41:../../databases/p5-DBI 13DEPENDS+= p5-DBI>=1.41:../../databases/p5-DBI
14DEPENDS+= p5-Template-Toolkit>=2.15:../../www/p5-Template-Toolkit 14DEPENDS+= p5-Template-Toolkit>=2.15:../../www/p5-Template-Toolkit
15DEPENDS+= p5-TimeDate>=1.16:../../time/p5-TimeDate 15DEPENDS+= p5-TimeDate>=1.16:../../time/p5-TimeDate
16DEPENDS+= p5-Email-Send>=2.00:../../mail/p5-Email-Send 16DEPENDS+= p5-Email-Send>=2.00:../../mail/p5-Email-Send
17DEPENDS+= p5-Email-MIME>=1.861:../../mail/p5-Email-MIME 17DEPENDS+= p5-Email-MIME>=1.861:../../mail/p5-Email-MIME
18DEPENDS+= p5-Email-MIME-Modifier>=1.442:../../mail/p5-Email-MIME-Modifier 18DEPENDS+= p5-Email-MIME-Modifier>=1.442:../../mail/p5-Email-MIME-Modifier
19 19
20PKG_DESTDIR_SUPPORT= user-destdir 20PKG_DESTDIR_SUPPORT= user-destdir
21 21
22.include "../../mk/bsd.prefs.mk" 22.include "../../mk/bsd.prefs.mk"
23.include "options.mk" 23.include "options.mk"
24 24
25USE_TOOLS+= pax perl:run 25USE_TOOLS+= pax perl:run
26NO_BUILD= YES 26NO_BUILD= YES
27 27
28BZ_WEB_GROUP?= ${APACHE_GROUP} 28BZ_WEB_GROUP?= ${APACHE_GROUP}
29SENDMAIL?= /usr/sbin/sendmail 29SENDMAIL?= /usr/sbin/sendmail
30CVS?= /usr/bin/cvs 30CVS?= /usr/bin/cvs
31 31
32BUILD_DEFS+= SENDMAIL CVS APACHE_USER APACHE_GROUP 32BUILD_DEFS+= SENDMAIL CVS APACHE_USER APACHE_GROUP
33PERL5_REQD+= 5.8.1 33PERL5_REQD+= 5.8.1
34 34
35PKG_USERS_VARS+= APACHE_USER 35PKG_USERS_VARS+= APACHE_USER
36PKG_GROUPS_VARS+= BZ_WEB_GROUP APACHE_GROUP 36PKG_GROUPS_VARS+= BZ_WEB_GROUP APACHE_GROUP
37 37
38MESSAGE_SUBST+= BZDIR=${BZDIR:Q} PKG_SYSCONFDIR=${PKG_SYSCONFDIR:Q} 38MESSAGE_SUBST+= BZDIR=${BZDIR:Q} PKG_SYSCONFDIR=${PKG_SYSCONFDIR:Q}
39 39
40BZDIR= ${PREFIX}/share/bugzilla 40BZDIR= ${PREFIX}/share/bugzilla
41EGDIR= ${PREFIX}/share/examples/bugzilla 41EGDIR= ${PREFIX}/share/examples/bugzilla
42DOCDIR= ${PREFIX}/share/doc/bugzilla 42DOCDIR= ${PREFIX}/share/doc/bugzilla
43CONF_FILES= ${EGDIR}/bugzilla.conf ${PKG_SYSCONFDIR}/bugzilla.conf 43CONF_FILES= ${EGDIR}/bugzilla.conf ${PKG_SYSCONFDIR}/bugzilla.conf
44CONF_FILES_PERMS= ${EGDIR}/localconfig ${BZDIR}/localconfig \ 44CONF_FILES_PERMS= ${EGDIR}/localconfig ${BZDIR}/localconfig \
45 ${APACHE_USER} ${SHAREGRP} 0400 45 ${APACHE_USER} ${SHAREGRP} 0400
46PAX_DIRS= Bugzilla skins template 46PAX_DIRS= Bugzilla skins template
47 47
48REPLACE_PERL+= *.pl *.cgi 48REPLACE_PERL+= *.pl *.cgi
49 49
50SUBST_CLASSES+= conf 50SUBST_CLASSES+= conf
51SUBST_STAGE.conf= pre-install 51SUBST_STAGE.conf= pre-install
52SUBST_MESSAGE.conf= Fixing configuration files. 52SUBST_MESSAGE.conf= Fixing configuration files.
53SUBST_FILES.conf= bugzilla.conf localconfig Bugzilla/BugMail.pm 53SUBST_FILES.conf= bugzilla.conf localconfig Bugzilla/BugMail.pm
54SUBST_SED.conf= -e "s|@BZ_WEB_GROUP@|${BZ_WEB_GROUP}|g" 54SUBST_SED.conf= -e "s|@BZ_WEB_GROUP@|${BZ_WEB_GROUP}|g"
55SUBST_SED.conf+= -e "s|@PREFIX@|${PREFIX}|g" 55SUBST_SED.conf+= -e "s|@PREFIX@|${PREFIX}|g"
56SUBST_SED.conf+= -e "s|@BZDIR@|${BZDIR}|g" 56SUBST_SED.conf+= -e "s|@BZDIR@|${BZDIR}|g"
57SUBST_SED.conf+= -e "s|@CVS@|${CVS}|g" 57SUBST_SED.conf+= -e "s|@CVS@|${CVS}|g"
58SUBST_SED.conf+= -e "s|@DBDRIVER@|${DBDRIVER}|g" 58SUBST_SED.conf+= -e "s|@DBDRIVER@|${DBDRIVER}|g"
59SUBST_SED.conf+= -e "s|/usr/lib/sendmail|${SENDMAIL}|g" 59SUBST_SED.conf+= -e "s|/usr/lib/sendmail|${SENDMAIL}|g"
60 60
61INSTALLATION_DIRS += ${DOCDIR} ${DOCDIR}/en ${EGDIR} ${BZDIR} ${BZDIR}/Bugzilla 61INSTALLATION_DIRS += ${DOCDIR} ${DOCDIR}/en ${EGDIR} ${BZDIR} ${BZDIR}/Bugzilla
62INSTALLATION_DIRS += ${BZDIR}/js ${BZDIR}/lib ${BZDIR}/template ${BZDIR}/skins 62INSTALLATION_DIRS += ${BZDIR}/js ${BZDIR}/lib ${BZDIR}/template ${BZDIR}/skins
63INSTALLATION_DIRS += ${BZDIR}/docs ${BZDIR}/docs/en ${BZDIR}/docs/en/html 63INSTALLATION_DIRS += ${BZDIR}/docs ${BZDIR}/docs/en ${BZDIR}/docs/en/html
64INSTALLATION_DIRS += ${BZDIR}/images ${BZDIR}/docs/en/html/api 64INSTALLATION_DIRS += ${BZDIR}/images ${BZDIR}/docs/en/html/api
65INSTALLATION_DIRS += ${BZDIR}/docs/en/html/api/Bugzilla 65INSTALLATION_DIRS += ${BZDIR}/docs/en/html/api/Bugzilla
66 66
67post-extract: 67post-extract:
68 ${FIND} ${WRKSRC} -type d -name CVS | ${XARGS} ${RM} -rf 68 ${FIND} ${WRKSRC} -type d -name CVS | ${XARGS} ${RM} -rf
69 ${FIND} ${WRKSRC} -type f -name ".cvsignore" | ${XARGS} ${RM} -f 69 ${FIND} ${WRKSRC} -type f -name ".cvsignore" | ${XARGS} ${RM} -f
70 ${CP} ${FILESDIR}/bugzilla.conf ${WRKSRC} 70 ${CP} ${FILESDIR}/bugzilla.conf ${WRKSRC}
71 ${CP} ${FILESDIR}/localconfig ${WRKSRC} 71 ${CP} ${FILESDIR}/localconfig ${WRKSRC}
72 72
73do-install: 73do-install:
74 74
75 ${INSTALL_DATA} ${WRKSRC}/docs/en/txt/Bugzilla-Guide.txt ${DESTDIR}${DOCDIR}/en 75 ${INSTALL_DATA} ${WRKSRC}/docs/en/txt/Bugzilla-Guide.txt ${DESTDIR}${DOCDIR}/en
76 ${INSTALL_DATA} ${WRKSRC}/docs/en/rel_notes.txt ${DESTDIR}${DOCDIR}/en 76 ${INSTALL_DATA} ${WRKSRC}/docs/en/rel_notes.txt ${DESTDIR}${DOCDIR}/en
77 ${INSTALL_DATA} ${WRKSRC}/QUICKSTART ${DESTDIR}${DOCDIR} 77 ${INSTALL_DATA} ${WRKSRC}/QUICKSTART ${DESTDIR}${DOCDIR}
78 ${INSTALL_DATA} ${WRKSRC}/README ${DESTDIR}${DOCDIR} 78 ${INSTALL_DATA} ${WRKSRC}/README ${DESTDIR}${DOCDIR}
79 ${INSTALL_DATA} ${WRKSRC}/UPGRADING ${DESTDIR}${DOCDIR} 79 ${INSTALL_DATA} ${WRKSRC}/UPGRADING ${DESTDIR}${DOCDIR}
80 ${INSTALL_DATA} ${WRKSRC}/UPGRADING-pre-2.8 ${DESTDIR}${DOCDIR} 80 ${INSTALL_DATA} ${WRKSRC}/UPGRADING-pre-2.8 ${DESTDIR}${DOCDIR}
81 81
82 ${INSTALL_SCRIPT} ${WRKSRC}/*.cgi ${DESTDIR}${BZDIR} 82 ${INSTALL_SCRIPT} ${WRKSRC}/*.cgi ${DESTDIR}${BZDIR}
83 ${INSTALL_SCRIPT} ${WRKSRC}/*.pl ${DESTDIR}${BZDIR} 83 ${INSTALL_SCRIPT} ${WRKSRC}/*.pl ${DESTDIR}${BZDIR}
84 ${INSTALL_DATA} ${WRKSRC}/robots.txt ${DESTDIR}${BZDIR} 84 ${INSTALL_DATA} ${WRKSRC}/robots.txt ${DESTDIR}${BZDIR}
85 ${INSTALL_DATA} ${WRKSRC}/bugzilla.dtd ${DESTDIR}${BZDIR} 85 ${INSTALL_DATA} ${WRKSRC}/bugzilla.dtd ${DESTDIR}${BZDIR}
86 ${INSTALL_DATA} ${WRKSRC}/duplicates.xul ${DESTDIR}${BZDIR} 86 ${INSTALL_DATA} ${WRKSRC}/duplicates.xul ${DESTDIR}${BZDIR}
87 ${INSTALL_DATA} ${WRKSRC}/Bugzilla.pm ${DESTDIR}${BZDIR} 87 ${INSTALL_DATA} ${WRKSRC}/Bugzilla.pm ${DESTDIR}${BZDIR}
88 88
89 ${INSTALL_DATA} ${WRKSRC}/bugzilla.conf ${DESTDIR}${EGDIR} 89 ${INSTALL_DATA} ${WRKSRC}/bugzilla.conf ${DESTDIR}${EGDIR}
90 ${INSTALL_DATA} ${WRKSRC}/localconfig ${DESTDIR}${EGDIR} 90 ${INSTALL_DATA} ${WRKSRC}/localconfig ${DESTDIR}${EGDIR}
91 91
92 ${INSTALL_DATA} ${WRKSRC}/images/*.png ${DESTDIR}${BZDIR}/images 92 ${INSTALL_DATA} ${WRKSRC}/images/*.png ${DESTDIR}${BZDIR}/images
93 ${INSTALL_DATA} ${WRKSRC}/js/*.js ${DESTDIR}${BZDIR}/js 93 ${INSTALL_DATA} ${WRKSRC}/js/*.js ${DESTDIR}${BZDIR}/js
94 ${INSTALL_DATA} ${WRKSRC}/docs/en/html/*.html ${DESTDIR}${BZDIR}/docs/en/html 94 ${INSTALL_DATA} ${WRKSRC}/docs/en/html/*.html ${DESTDIR}${BZDIR}/docs/en/html
95 ${INSTALL_DATA} ${WRKSRC}/docs/en/html/api/*.html ${DESTDIR}${BZDIR}/docs/en/html/api 95 ${INSTALL_DATA} ${WRKSRC}/docs/en/html/api/*.html ${DESTDIR}${BZDIR}/docs/en/html/api
96 ${INSTALL_DATA} ${WRKSRC}/docs/en/html/api/Bugzilla/*.html ${DESTDIR}${BZDIR}/docs/en/html/api/Bugzilla 96 ${INSTALL_DATA} ${WRKSRC}/docs/en/html/api/Bugzilla/*.html ${DESTDIR}${BZDIR}/docs/en/html/api/Bugzilla
97 97
98.for i in ${PAX_DIRS} 98.for i in ${PAX_DIRS}
99 cd ${WRKSRC}/${i} && pax -rw . ${DESTDIR}${BZDIR}/${i} 99 cd ${WRKSRC}/${i} && pax -rw . ${DESTDIR}${BZDIR}/${i}
100 ${FIND} ${DESTDIR}${BZDIR}/${i} -type f | ${XARGS} ${CHMOD} ${SHAREMODE} 100 ${FIND} ${DESTDIR}${BZDIR}/${i} -type f | ${XARGS} ${CHMOD} ${SHAREMODE}
101 ${FIND} ${DESTDIR}${BZDIR}/${i} -type d | ${XARGS} ${CHMOD} ${PKGDIRMODE} 101 ${FIND} ${DESTDIR}${BZDIR}/${i} -type d | ${XARGS} ${CHMOD} ${PKGDIRMODE}
102 ${CHOWN} -R ${SHAREOWN}:${SHAREGRP} ${DESTDIR}${BZDIR}/${i} 102 ${CHOWN} -R ${SHAREOWN}:${SHAREGRP} ${DESTDIR}${BZDIR}/${i}
103.endfor 103.endfor
104 104
105.include "../../mk/apache.mk" 105.include "../../mk/apache.mk"
106.include "../../mk/bsd.pkg.mk" 106.include "../../mk/bsd.pkg.mk"

cvs diff -r1.7 -r1.8 pkgsrc/devel/bugzilla3/distinfo (switch to unified diff)

--- pkgsrc/devel/bugzilla3/distinfo 2009/02/03 23:11:13 1.7
+++ pkgsrc/devel/bugzilla3/distinfo 2009/04/20 09:28:28 1.8
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.7 2009/02/03 23:11:13 adrianp Exp $ 1$NetBSD: distinfo,v 1.8 2009/04/20 09:28:28 abs Exp $
2 2
3SHA1 (bugzilla-3.2.2.tar.gz) = 5ed149f1a457b6ab04f76346cfd5d54b5c06c2c3 3SHA1 (bugzilla-3.2.3.tar.gz) = ed55491f122225773111dec9d639aa4d1b137b34
4RMD160 (bugzilla-3.2.2.tar.gz) = e1c805d9f520c94f3f2aa739a36df82852306b9e 4RMD160 (bugzilla-3.2.3.tar.gz) = f22c1a2a6c04549cf6708c5bf1b845bf9ef1e0b4
5Size (bugzilla-3.2.2.tar.gz) = 2421709 bytes 5Size (bugzilla-3.2.3.tar.gz) = 2424838 bytes