From erwin@lemur.droso.net  Sat Mar 15 01:45:28 2003
Return-Path: <erwin@lemur.droso.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BF26A37B401
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 15 Mar 2003 01:45:28 -0800 (PST)
Received: from lemur.droso.net (lemur.droso.net [62.79.38.253])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5C06A43FBD
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 15 Mar 2003 01:45:27 -0800 (PST)
	(envelope-from erwin@lemur.droso.net)
Received: from lemur.droso.net (lemur.droso.net [62.79.38.253])
	by lemur.droso.net (8.12.8/8.12.7) with ESMTP id h2F9jOou090216
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 15 Mar 2003 10:45:25 +0100 (CET)
	(envelope-from erwin@lemur.droso.net)
Received: (from root@localhost)
	by lemur.droso.net (8.12.8/8.12.8/Submit) id h2F9jOs0090215;
	Sat, 15 Mar 2003 10:45:24 +0100 (CET)
Message-Id: <200303150945.h2F9jOs0090215@lemur.droso.net>
Date: Sat, 15 Mar 2003 10:45:24 +0100 (CET)
From: Erwin Lansing <erwin@lansing.dk>
Reply-To: Erwin Lansing <erwin@lansing.dk>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Security update to p5-Business-OnlinePayment-WorldPay-Junior-1.03 
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         50017
>Category:       ports
>Synopsis:       [repocopy waiting] Security update to p5-Business-OnlinePayment-WorldPay-Junior-1.03
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    edwin
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 15 01:50:13 PST 2003
>Closed-Date:    Thu Apr 03 17:32:06 PST 2003
>Last-Modified:  Thu Apr 03 17:32:06 PST 2003
>Originator:     Erwin Lansing
>Release:        FreeBSD 4.8-RC i386
>Organization:
pil.dk 
>Environment:
System: FreeBSD lemur.droso.net 4.8-RC FreeBSD 4.8-RC #15: Tue Mar 4 02:07:34 CET 2003 root@panda.droso.net:/usr/obj/usr/src/sys/PANDA i386


	
>Description:

In the words of the author:
"Please be advised that I have today made an important security update to
the module to fix a serious, remotely exploitable, bug in the module.
 
I have also renamed the module today to avoid namespace conflicts with the
Business::OnlinePayment API."

Requested by: Jason Clifford <jason@ukpost.com> (author)

>How-To-Repeat:
	
>Fix:

	

This diff is to misc/p5-Business-OnlinePayment-WorldPay-Junior. Please repocopy that port to
misc/p5-Business-WorldPay-Junior, remove the old port and apply the following diff.

Note: added file files/patch-Makefile.PL


--- p5-Business-WorldPay-Junior.diff begins here ---
diff -ruN p5-Business-OnlinePayment-WorldPay-Junior/Makefile p5-Business-WorldPay-Junior/Makefile
--- p5-Business-OnlinePayment-WorldPay-Junior/Makefile	Thu Feb 20 19:46:29 2003
+++ p5-Business-WorldPay-Junior/Makefile	Sat Mar 15 10:40:28 2003
@@ -5,24 +5,31 @@
 # $FreeBSD: ports/misc/p5-Business-OnlinePayment-WorldPay-Junior/Makefile,v 1.4 2003/02/20 18:46:29 knu Exp $
 #
 
-PORTNAME=	Business-OnlinePayment-WorldPay-Junior
-PORTVERSION=	1.03
+PORTNAME=	Business-WorldPay-Junior
+PORTVERSION=	1.06
 CATEGORIES=	misc perl5
 MASTER_SITES=	${MASTER_SITE_PERL_CPAN}
 MASTER_SITE_SUBDIR=	Business
 PKGNAMEPREFIX=	p5-
 
 MAINTAINER=	ports@FreeBSD.org
-COMMENT=	An Business::OnlinePayment backend module for a WorldPay Select Junior service
+COMMENT=	Perl module to handle WorldPay Junior for payment services
 
 BUILD_DEPENDS=	${SITE_PERL}/Business/CreditCard.pm:${PORTSDIR}/misc/p5-Business-CreditCard \
-		${SITE_PERL}/Business/OnlinePayment.pm:${PORTSDIR}/misc/p5-Business-OnlinePayment
+		${SITE_PERL}/Business/OnlinePayment.pm:${PORTSDIR}/misc/p5-Business-OnlinePayment \
+		${SITE_PERL}/${PERL_ARCH}/DBI.pm:${PORTSDIR}/databases/p5-DBI
 RUN_DEPENDS=	${BUILD_DEPENDS}
 
 PERL_CONFIGURE=	yes
 SITE_PERL=	${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}
 MAN3PREFIX=	${PREFIX}/lib/perl5/${PERL_VERSION}
 
-MAN3=		Business::OnlinePayment::WorldPay::Junior.3
+MAN3=		Business::WorldPay::Junior.3
+
+post-patch:
+	@${PERL} -pi -e 's/^our\s+([\$$\@\%]\w+)/use vars qw($$1);$$1/;' \
+		-e '$$_="" if /use 5/;' \
+		-e '$$_="" if /use warnings/;' \
+		${WRKSRC}/Junior.pm
 
 .include <bsd.port.mk>
diff -ruN p5-Business-OnlinePayment-WorldPay-Junior/distinfo p5-Business-WorldPay-Junior/distinfo
--- p5-Business-OnlinePayment-WorldPay-Junior/distinfo	Thu Oct 24 20:07:00 2002
+++ p5-Business-WorldPay-Junior/distinfo	Sat Mar 15 10:23:49 2003
@@ -1 +1 @@
-MD5 (Business-OnlinePayment-WorldPay-Junior-1.03.tar.gz) = 3683f9ea4baf1e3e15e658518dd32051
+MD5 (Business-WorldPay-Junior-1.06.tar.gz) = bcd9b98d21cedcac5fb8b7da0e0012f6
diff -ruN p5-Business-OnlinePayment-WorldPay-Junior/files/patch-Makefile.PL p5-Business-WorldPay-Junior/files/patch-Makefile.PL
--- p5-Business-OnlinePayment-WorldPay-Junior/files/patch-Makefile.PL	Thu Jan  1 01:00:00 1970
+++ p5-Business-WorldPay-Junior/files/patch-Makefile.PL	Sat Mar 15 10:40:21 2003
@@ -0,0 +1,13 @@
+--- Makefile.PL.orig	Fri Mar 14 11:35:10 2003
++++ Makefile.PL	Sat Mar 15 10:40:05 2003
+@@ -3,9 +3,6 @@
+ # the contents of the Makefile that is written.
+ WriteMakefile(
+     'NAME'		=> 'Business::WorldPay::Junior',
+-    'VERSION_FROM'	=> 'Junior.pm', # finds $VERSION
++    'VERSION'		=> '1.06',
+     'PREREQ_PM'		=> {}, # e.g., Module::Name => 1.1
+-    ($] >= 5.005 ?    ## Add these new keywords supported since 5.005
+-      (ABSTRACT_FROM => 'Junior.pm', # retrieve abstract from module
+-       AUTHOR     => 'Jason Clifford <jason@jasonclifford.com>') : ()),
+ );
diff -ruN p5-Business-OnlinePayment-WorldPay-Junior/pkg-descr p5-Business-WorldPay-Junior/pkg-descr
--- p5-Business-OnlinePayment-WorldPay-Junior/pkg-descr	Thu Oct 24 20:07:00 2002
+++ p5-Business-WorldPay-Junior/pkg-descr	Sat Mar 15 10:37:26 2003
@@ -5,3 +5,5 @@
 then verify the callback data supplied by WorldPay after a payment has been
 made. The module is designed with the requirement to immediately verify that
 a payment has been made and is as expected in mind.
+
+WWW: http://search.cpan.org/dist/Business-WorldPay-Junior/
diff -ruN p5-Business-OnlinePayment-WorldPay-Junior/pkg-plist p5-Business-WorldPay-Junior/pkg-plist
--- p5-Business-OnlinePayment-WorldPay-Junior/pkg-plist	Thu Oct 24 20:07:00 2002
+++ p5-Business-WorldPay-Junior/pkg-plist	Sat Mar 15 10:35:06 2003
@@ -1,17 +1,20 @@
-lib/perl5/site_perl/%%PERL_VER%%/Business/OnlinePayment/WorldPay/Junior.pm
-lib/perl5/site_perl/%%PERL_VER%%/Business/OnlinePayment/WorldPay/get-rates.pl
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/authorised.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/autosplit.ix
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/callback.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/db_connect.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/errstr.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/exchange_rate.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/new.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/register.al
-lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior/valid_callback_host.al
-lib/perl5/site_perl/%%PERL_VER%%/%%PERL_ARCH%%/auto/Business/OnlinePayment/WorldPay/Junior/.packlist
-@dirrm lib/perl5/site_perl/%%PERL_VER%%/%%PERL_ARCH%%/auto/Business/OnlinePayment/WorldPay/Junior
-@dirrm lib/perl5/site_perl/%%PERL_VER%%/%%PERL_ARCH%%/auto/Business/OnlinePayment/WorldPay
-@dirrm lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay/Junior
-@dirrm lib/perl5/site_perl/%%PERL_VER%%/auto/Business/OnlinePayment/WorldPay
-@dirrm lib/perl5/site_perl/%%PERL_VER%%/Business/OnlinePayment/WorldPay
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/new.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/callback.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/valid_callback_host.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/register.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/authorised.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/errstr.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/exchange_rate.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/db_connect.al
+%%SITE_PERL%%/auto/Business/WorldPay/Junior/autosplit.ix
+%%SITE_PERL%%/%%PERL_ARCH%%/auto/Business/WorldPay/Junior/.packlist
+%%SITE_PERL%%/Business/WorldPay/Junior.pm
+%%SITE_PERL%%/Business/WorldPay/get-rates.pl
+lib/perllocal.pod-Business-WorldPay-Junior
+@dirrm %%SITE_PERL%%/auto/Business/WorldPay/Junior
+@dirrm %%SITE_PERL%%/auto/Business/WorldPay
+@dirrm %%SITE_PERL%%/Business/WorldPay
+@unexec rmdir %D/%%SITE_PERL%%/auto/Business 2>/dev/null || true
+@dirrm %%SITE_PERL%%/%%PERL_ARCH%%/auto/Business/WorldPay/Junior
+@dirrm %%SITE_PERL%%/%%PERL_ARCH%%/auto/Business/WorldPay
+@unexec rmdir %D/%%SITE_PERL%%/%%PERL_ARCH%%/auto/Business 2>/dev/null || true
--- p5-Business-WorldPay-Junior.diff ends here ---


>Release-Note:
>Audit-Trail:

From: Erwin Lansing <erwin@lansing.dk>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: ports/50017: Security update to p5-Business-OnlinePayment-WorldPay-Junior-1.03
Date: Sat, 15 Mar 2003 10:53:00 +0100

 --wRRV7LY7NUeQGEoC
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Sat, Mar 15, 2003 at 10:45:24AM +0100, Erwin Lansing wrote:
 >=20
 > This diff is to misc/p5-Business-OnlinePayment-WorldPay-Junior. Please re=
 pocopy that port to
 > misc/p5-Business-WorldPay-Junior, remove the old port and apply the follo=
 wing diff.
 >=20
 
 Please use revised diff which removes some unnecessary dependencies at
 http://panda.droso.net/~erwin/p5-Business-WorldPay-Junior.diff
 
 Cheers,
 -erwin
 
 --=20
                     _._     _,-'""`-._
 Erwin Lansing      (,-.`._,'(       |\`-/|    http://droso.org/
 erwin@lansing.dk       `-.-' \ )-`( , o o)    http://fnidder.dk/
                     -bf-      `-    \`_`"'-
 
 --wRRV7LY7NUeQGEoC
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.1 (FreeBSD)
 
 iD8DBQE+cvf8qy9aWxUlaZARAnO3AJ0Q9elX9Ci5m+Ac7CvJ/AJwaMfJ8QCg0KKz
 qIqJVpAsaIPW0Wevne4bLdU=
 =ZvP6
 -----END PGP SIGNATURE-----
 
 --wRRV7LY7NUeQGEoC--
Responsible-Changed-From-To: freebsd-ports-bugs->edwin 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Wed Apr 2 03:32:48 PST 2003 
Responsible-Changed-Why:  
Requested repocopy 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50017 

From: Erwin Lansing <erwin@lansing.dk>
To: freebsd-gnats-submit@freebsd.org
Cc:  
Subject: Re: ports/50017: Security update to p5-Business-OnlinePayment-WorldPay-Junior-1.03
Date: Thu, 3 Apr 2003 11:30:39 +0200

 On Sat, Mar 15, 2003 at 10:45:24AM +0100, Erwin Lansing wrote:
 > 
 > This diff is to misc/p5-Business-OnlinePayment-WorldPay-Junior. Please repocopy that port to
 > misc/p5-Business-WorldPay-Junior, remove the old port and apply the following diff.
 > 
 > Note: added file files/patch-Makefile.PL
 > 
 Following ports/50557, move this port to the finance category and some
 Makefile cleanup while I'm here.
 
 New patches at:
 http://panda.droso.net/~erwin/p5-Business-WorldPay-Junior.diff
 http://panda.droso.net/~erwin/patch-Makefile.PL
 
 -- 
                     _._     _,-'""`-._
 Erwin Lansing      (,-.`._,'(       |\`-/|    http://droso.org/
 erwin@lansing.dk       `-.-' \ )-`( , o o)    http://fnidder.dk/
                     -bf-      `-    \`_`"'-
State-Changed-From-To: open->closed 
State-Changed-By: edwin 
State-Changed-When: Thu Apr 3 17:32:02 PST 2003 
State-Changed-Why:  
Commited, thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50017 
>Unformatted:
