From root@www.unix-experience.fr  Tue Jun 11 17:11:22 2013
Return-Path: <root@www.unix-experience.fr>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1])
	by hub.freebsd.org (Postfix) with ESMTP id BA9EB670
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 11 Jun 2013 17:11:22 +0000 (UTC)
	(envelope-from root@www.unix-experience.fr)
Received: from www.unix-experience.fr (unix-experience.fr [88.190.14.11])
	by mx1.freebsd.org (Postfix) with ESMTP id 88D7E1F56
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 11 Jun 2013 17:11:22 +0000 (UTC)
Received: by www.unix-experience.fr (Postfix, from userid 0)
	id C0F5F5CDFA; Tue, 11 Jun 2013 19:02:44 +0200 (CEST)
Message-Id: <20130611170244.C0F5F5CDFA@www.unix-experience.fr>
Date: Tue, 11 Jun 2013 19:02:44 +0200 (CEST)
From: Loic Blot <loic.blot@unix-experience.fr>
Reply-To: Loic Blot <loic.blot@unix-experience.fr>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Security & stability fixes for owncloud
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         179494
>Category:       ports
>Synopsis:       Security & stability fixes for www/owncloud
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    culot
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jun 11 17:20:00 UTC 2013
>Closed-Date:    Tue Jun 11 21:06:58 UTC 2013
>Last-Modified:  Sun Jun 16 23:38:59 UTC 2013
>Originator:     Loic Blot
>Release:        FreeBSD 9.1-RELEASE amd64
>Organization:
Centre National de la Recherche Scientifique
>Environment:
System: FreeBSD www.unix-experience.fr 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64


>Description:
	New XSS vulnerabilites has been discovered. Some stability fix for IE & Safari
	It's very critical. Owncloud must be updated to 5.0.7 soon. 5.0.5 has too many bugs.
>How-To-Repeat:
>Fix:

	Here is a fix from previous commited 5.0.6 pr.
--- port.diff begins here ---
--- Makefile.old	2013-06-11 18:57:08.000000000 +0200
+++ Makefile	2013-06-11 18:58:12.000000000 +0200
@@ -1,7 +1,7 @@
 # $FreeBSD: www/owncloud/Makefile 316156 2013-05-14 16:20:08Z nerz $
 
 PORTNAME=	owncloud
-PORTVERSION=	5.0.6
+PORTVERSION=	5.0.7
 CATEGORIES=	www
 MASTER_SITES=	http://download.owncloud.org/community/
 
--- distinfo.old	2013-06-11 18:57:11.000000000 +0200
+++ distinfo	2013-06-11 18:58:06.000000000 +0200
@@ -1,2 +1,2 @@
-SHA256 (owncloud-5.0.6.tar.bz2) = 1017a62e64ca820c6bd42a4e1c58a644f487cd7c4d81fda2b7bc82f811a288a3 
-SIZE (owncloud-5.0.6.tar.bz2) = 13864664
+SHA256 (owncloud-5.0.7.tar.bz2) = 8329a2b8ee7da48111455aca299eacef68bde22c6e6494c3e9c41d4619e5083d
+SIZE (owncloud-5.0.7.tar.bz2) = 14016269
--- port.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->culot 
Responsible-Changed-By: culot 
Responsible-Changed-When: Tue Jun 11 19:07:38 UTC 2013 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=179494 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/179494: commit references a PR
Date: Tue, 11 Jun 2013 20:27:56 +0000 (UTC)

 Author: culot
 Date: Tue Jun 11 20:27:48 2013
 New Revision: 320636
 URL: http://svnweb.freebsd.org/changeset/ports/320636
 
 Log:
   - Update to 5.0.7
   
   Changes:	http://owncloud.org/changelog/
   
   Security:	oC-SA-2013-[019-028]
   Security:	CVE-2013-[2039-2045,2047-2048,2085-2086,2089,2149-2150]
   
   PR:		ports/178628
   PR:		ports/179494
   Submitted by: 	Loic Blot <loic.blot@unix-experience.fr>
   Approved by:	kevlo@ (maintainer, timeout)
 
 Modified:
   head/www/owncloud/Makefile
   head/www/owncloud/distinfo
 
 Modified: head/www/owncloud/Makefile
 ==============================================================================
 --- head/www/owncloud/Makefile	Tue Jun 11 19:45:36 2013	(r320635)
 +++ head/www/owncloud/Makefile	Tue Jun 11 20:27:48 2013	(r320636)
 @@ -1,7 +1,7 @@
  # $FreeBSD$
  
  PORTNAME=	owncloud
 -PORTVERSION=	5.0.5
 +PORTVERSION=	5.0.7
  CATEGORIES=	www
  MASTER_SITES=	http://download.owncloud.org/community/
  
 
 Modified: head/www/owncloud/distinfo
 ==============================================================================
 --- head/www/owncloud/distinfo	Tue Jun 11 19:45:36 2013	(r320635)
 +++ head/www/owncloud/distinfo	Tue Jun 11 20:27:48 2013	(r320636)
 @@ -1,2 +1,2 @@
 -SHA256 (owncloud-5.0.5.tar.bz2) = d1538f598f7b06a2d0494a9675a461e4bcd976e7e4ddf372efc1a2ec50007a31
 -SIZE (owncloud-5.0.5.tar.bz2) = 13865933
 +SHA256 (owncloud-5.0.7.tar.bz2) = 8329a2b8ee7da48111455aca299eacef68bde22c6e6494c3e9c41d4619e5083d
 +SIZE (owncloud-5.0.7.tar.bz2) = 14016269
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: culot 
State-Changed-When: Tue Jun 11 21:06:58 UTC 2013 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=179494 
>Unformatted:
