Sat May 7 10:30:37 2011 UTC ()
Pullup ticket #3422 - requested by obache
databases/p5-Jifty-DBI: security update

Revisions pulled up:
- databases/p5-Jifty-DBI/Makefile                               1.7
- databases/p5-Jifty-DBI/distinfo                               1.5

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Thu May  5 11:36:40 UTC 2011

   Modified Files:
   	pkgsrc/databases/p5-Jifty-DBI: Makefile distinfo

   Log Message:
   Update p5-Jifty-DBI to 0.68.

   0.68 2011-04-14
   - Security:
        * Prevent SQL injection in column names, operators, order and group by
          (Alex Vandiver)
        * Fix distinct_query to catch injection and correctly rewrite to
          function => '' (Alex Vandiver)
        * Prevent SQL injection via IS

   - Fixes:
        * There is no need to check $args{column} around our LIKE adjustments
          (Alex Vandiver)
        * Slightly unify nigh-identical codepaths between Pg and Oracle
          (Alex Vandiver)

   0.67 2011-02-28
   - Features:
        * Make ->distinct_column_values use ->simple_query, thus going through our
          SQL logging infrastructure (Alex Vandiver)

   - Fixes:
        * Set raw_values in load_by_hash so the __raw_value method works when the
          record is loaded by a collection (Thomas Sibley)

   - Tests:
        * Author tests for no tabs (Shawn M Moore)

   0.66 2011-02-14
   - Features:
        * Provide a sane way to wrap a function around an aliased column in order_by
        * Pass old_value to triggers on column update

   - Fixes:
        * Respect the 'by' attribute for refers_to columns in create and set
        * Use the right FK when using a record object in load_by_cols or
          limit [rt.cpan.org #64779]
        * Don't encode fields when attempting to limit with IS
        * Fix since/till by refactoring columns to use an updated all_columns

   - Installation:
        * Only run these URI filter tests if we have URI [rt.cpan.org #65047]

   0.64 Wed Dec  8 15:21:17 EST 2010
   - Installation:
        * Minor distribution fixes

   0.63 Wed Dec  8 15:14:17 EST 2010
   - Features:
        * distinct_column_values method, docs and tests

   - Fixes:
        * Warn about load(arg => value)
        * Include column_name in the value passed to reader warning
        * It is a rare but possible case that 0 is a valid id
        * Ensure encode_base64 doesn't choke on utf8

   0.62 Thu May 20 13:58:53 EST 2010
   - Features:
        * Computed columns let you have the Jifty-DBI scaffolding but without
          touching the database
        * Column->is_boolean

   - Fixes:
        * Don't attempt to store undef values in memcached
        * Avoid undef warnings

   0.61 Mon Jan  4 13:04:20 EST 2010
   - Installation:
        * Minor distribution fixes

   0.60 Mon Jan  4 13:02:17 EST 2010
   - Features:
        * Allow passing of extra parameters to canonicalizers
        * Add an attribute which controls placeholder use for load_by_cols

   - Fixes:
        * Don't add LOWER() on <= or >= operators, only = and !=
        * Better case sensitivity tests
        * Expose quote_value() on Jifty::DBI::Handle
        * When generating COUT, don't add a DISTINCT unless needed
        * Fix t/12prefetch.t's assumptions on row ordering


(tron)
diff -r1.6 -r1.6.6.1 pkgsrc/databases/p5-Jifty-DBI/Makefile
diff -r1.4 -r1.4.12.1 pkgsrc/databases/p5-Jifty-DBI/distinfo
cvs diff -r1.6 -r1.6.6.1 pkgsrc/databases/p5-Jifty-DBI/Makefile (expand / switch to unified diff)

--- pkgsrc/databases/p5-Jifty-DBI/Makefile 2010/08/21 16:33:02 1.6
+++ pkgsrc/databases/p5-Jifty-DBI/Makefile 2011/05/07 10:30:37 1.6.6.1
@@ -1,47 +1,46 @@ @@ -1,47 +1,46 @@
1# $NetBSD: Makefile,v 1.6 2010/08/21 16:33:02 seb Exp $ 1# $NetBSD: Makefile,v 1.6.6.1 2011/05/07 10:30:37 tron Exp $
2 2
3DISTNAME= Jifty-DBI-0.59 3DISTNAME= Jifty-DBI-0.68
4PKGNAME= p5-${DISTNAME} 4PKGNAME= p5-${DISTNAME}
5PKGREVISION= 1 
6CATEGORIES= databases perl5 5CATEGORIES= databases perl5
7MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=Jifty/} 6MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=Jifty/}
8 7
9MAINTAINER= pkgsrc-users@NetBSD.org 8MAINTAINER= pkgsrc-users@NetBSD.org
10HOMEPAGE= http://search.cpan.org/dist/Jifty-DBI/ 9HOMEPAGE= http://search.cpan.org/dist/Jifty-DBI/
11COMMENT= Perl 5 object-relational persistence framework 10COMMENT= Perl 5 object-relational persistence framework
12LICENSE= ${PERL5_LICENSE} 11LICENSE= ${PERL5_LICENSE}
13 12
14PKG_DESTDIR_SUPPORT= user-destdir 13PKG_DESTDIR_SUPPORT= user-destdir
15 14
16USE_LANGUAGES= # empty 15USE_LANGUAGES= # empty
17PERL5_PACKLIST= auto/Jifty/DBI/.packlist 16PERL5_PACKLIST= auto/Jifty/DBI/.packlist
18 17
19DEPENDS+= p5-Cache-Memcached-[0-9]*:../../devel/p5-Cache-Memcached 18DEPENDS+= p5-Cache-Memcached-[0-9]*:../../devel/p5-Cache-Memcached
20DEPENDS+= p5-Cache-Simple-TimedExpiry>=0.21:../../devel/p5-Cache-Simple-TimedExpiry 19DEPENDS+= p5-Cache-Simple-TimedExpiry>=0.21:../../devel/p5-Cache-Simple-TimedExpiry
21DEPENDS+= p5-Class-Accessor-[0-9]*:../../devel/p5-Class-Accessor 20DEPENDS+= p5-Class-Accessor-[0-9]*:../../devel/p5-Class-Accessor
22DEPENDS+= p5-Class-Data-Inheritable-[0-9]*:../../devel/p5-Class-Data-Inheritable 21DEPENDS+= p5-Class-Data-Inheritable-[0-9]*:../../devel/p5-Class-Data-Inheritable
23DEPENDS+= p5-Class-ReturnValue>=0.40:../../devel/p5-Class-ReturnValue 22DEPENDS+= p5-Class-ReturnValue>=0.40:../../devel/p5-Class-ReturnValue
24DEPENDS+= p5-Class-Trigger>=0.12:../../devel/p5-Class-Trigger 23DEPENDS+= p5-Class-Trigger>=0.12:../../devel/p5-Class-Trigger
25DEPENDS+= p5-Clone-[0-9]*:../../devel/p5-Clone 24DEPENDS+= p5-Clone-[0-9]*:../../devel/p5-Clone
26DEPENDS+= p5-DBD-SQLite-[0-9]*:../../databases/p5-DBD-SQLite 25BUILD_DEPENDS+= p5-DBD-SQLite>=1.14:../../databases/p5-DBD-SQLite
27DEPENDS+= p5-DBI-[0-9]*:../../databases/p5-DBI 26DEPENDS+= p5-DBI-[0-9]*:../../databases/p5-DBI
28DEPENDS+= p5-DBIx-DBSchema>=0.34:../../databases/p5-DBIx-DBSchema 27DEPENDS+= p5-DBIx-DBSchema>=0.34:../../databases/p5-DBIx-DBSchema
29DEPENDS+= p5-Data-Page-[0-9]*:../../devel/p5-Data-Page 28DEPENDS+= p5-Data-Page-[0-9]*:../../devel/p5-Data-Page
30DEPENDS+= p5-DateTime-Format-ISO8601-[0-9]*:../../time/p5-DateTime-Format-ISO8601 29DEPENDS+= p5-DateTime-Format-ISO8601-[0-9]*:../../time/p5-DateTime-Format-ISO8601
31DEPENDS+= p5-DateTime-Format-Strptime-[0-9]*:../../time/p5-DateTime-Format-Strptime 30DEPENDS+= p5-DateTime-Format-Strptime-[0-9]*:../../time/p5-DateTime-Format-Strptime
32DEPENDS+= p5-DateTime>=0.34:../../time/p5-DateTime 31DEPENDS+= p5-DateTime>=0.34:../../time/p5-DateTime
33DEPENDS+= p5-Encode>=2.10:../../textproc/p5-Encode 32DEPENDS+= p5-Encode>=2.10:../../textproc/p5-Encode
34DEPENDS+= p5-Exporter-Lite-[0-9]*:../../devel/p5-Exporter-Lite 33DEPENDS+= p5-Exporter-Lite-[0-9]*:../../devel/p5-Exporter-Lite
35DEPENDS+= p5-Hash-Merge-[0-9]*:../../devel/p5-Hash-Merge 34DEPENDS+= p5-Hash-Merge-[0-9]*:../../devel/p5-Hash-Merge
36DEPENDS+= p5-Lingua-EN-Inflect-[0-9]*:../../textproc/p5-Lingua-EN-Inflect 35DEPENDS+= p5-Lingua-EN-Inflect-[0-9]*:../../textproc/p5-Lingua-EN-Inflect
37DEPENDS+= p5-Object-Declare>=0.22:../../devel/p5-Object-Declare 36DEPENDS+= p5-Object-Declare>=0.22:../../devel/p5-Object-Declare
38DEPENDS+= p5-Scalar-Defer>=0.10:../../devel/p5-Scalar-Defer 37DEPENDS+= p5-Scalar-Defer>=0.10:../../devel/p5-Scalar-Defer
39DEPENDS+= p5-Test-Warn>=0.10:../../devel/p5-Test-Warn 38BUILD_DEPENDS+= p5-Test-Warn>=0.10:../../devel/p5-Test-Warn
40DEPENDS+= p5-Time-Duration-Parse>=0.05:../../time/p5-Time-Duration-Parse 39DEPENDS+= p5-Time-Duration-Parse>=0.06:../../time/p5-Time-Duration-Parse
41DEPENDS+= p5-Time-Duration-[0-9]*:../../time/p5-Time-Duration 40DEPENDS+= p5-Time-Duration-[0-9]*:../../time/p5-Time-Duration
42DEPENDS+= p5-UNIVERSAL-require>=0.11:../../devel/p5-UNIVERSAL-require 41DEPENDS+= p5-UNIVERSAL-require>=0.11:../../devel/p5-UNIVERSAL-require
43DEPENDS+= p5-URI-[0-9]*:../../www/p5-URI 42DEPENDS+= p5-URI-[0-9]*:../../www/p5-URI
44DEPENDS+= p5-YAML-Syck-[0-9]*:../../textproc/p5-YAML-Syck 43DEPENDS+= p5-YAML-Syck-[0-9]*:../../textproc/p5-YAML-Syck
45 44
46.include "../../lang/perl5/module.mk" 45.include "../../lang/perl5/module.mk"
47.include "../../mk/bsd.pkg.mk" 46.include "../../mk/bsd.pkg.mk"
cvs diff -r1.4 -r1.4.12.1 pkgsrc/databases/p5-Jifty-DBI/distinfo (expand / switch to unified diff)

--- pkgsrc/databases/p5-Jifty-DBI/distinfo 2009/11/22 21:55:44 1.4
+++ pkgsrc/databases/p5-Jifty-DBI/distinfo 2011/05/07 10:30:37 1.4.12.1
@@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
1$NetBSD: distinfo,v 1.4 2009/11/22 21:55:44 seb Exp $ 1$NetBSD: distinfo,v 1.4.12.1 2011/05/07 10:30:37 tron Exp $
2 2
3SHA1 (Jifty-DBI-0.59.tar.gz) = 779c98c408520ae60b9587b4a2d5ccec7ea93c74 3SHA1 (Jifty-DBI-0.68.tar.gz) = 4f2d2c10f225a8e10afc04fb2745e99bd3dd5d4b
4RMD160 (Jifty-DBI-0.59.tar.gz) = ff359b198fc8c5db2358dad42e427caaca3285c0 4RMD160 (Jifty-DBI-0.68.tar.gz) = 792b78332b0c9900e2c87af202a1a45a994db521
5Size (Jifty-DBI-0.59.tar.gz) = 151892 bytes 5Size (Jifty-DBI-0.68.tar.gz) = 163841 bytes