From nobody@FreeBSD.org  Tue Mar 30 05:55:56 2004
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0232616A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 30 Mar 2004 05:55:56 -0800 (PST)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D786E43D2D
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 30 Mar 2004 05:55:55 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.10/8.12.10) with ESMTP id i2UDtt72032076
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 30 Mar 2004 05:55:55 -0800 (PST)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.10/8.12.10/Submit) id i2UDttEs032075;
	Tue, 30 Mar 2004 05:55:55 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200403301355.i2UDttEs032075@www.freebsd.org>
Date: Tue, 30 Mar 2004 05:55:55 -0800 (PST)
From: Kang Liu <liukang@bjpu.edu.cn>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [maintainer] update www/phpbb to 2.0.8a
X-Send-Pr-Version: www-2.3

>Number:         64939
>Category:       ports
>Synopsis:       [maintainer] update www/phpbb to 2.0.8a
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 30 06:00:30 PST 2004
>Closed-Date:    Tue Mar 30 13:33:42 PST 2004
>Last-Modified:  Tue Mar 30 13:33:42 PST 2004
>Originator:     Kang Liu
>Release:        4.9
>Organization:
Beijing University of Technology
>Environment:
4.9-STABLE
>Description:
1. Update phpbb to 2.0.8a
2. Remove temporary patch for SQL injection in privmsg.php. The new release has fixed this vulnerability.
3. Bump PORTREVISION
>How-To-Repeat:
n/a
>Fix:
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/www/phpbb/distinfo,v
retrieving revision 1.12
diff -u -r1.12 distinfo
--- distinfo	26 Mar 2004 17:06:30 -0000	1.12
+++ distinfo	30 Mar 2004 13:32:42 -0000
@@ -1,2 +1,2 @@
-MD5 (phpBB-2.0.8.tar.bz2) = 20d9e163e3f3b575639c2a1fbd9e8690
-SIZE (phpBB-2.0.8.tar.bz2) = 456585
+MD5 (phpBB-2.0.8a.tar.bz2) = 44d33a5851800f8f278d3c100fb2fcb3
+SIZE (phpBB-2.0.8a.tar.bz2) = 457308
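Review bot: The new phpBB-2.0.8a.tar.bz2 entry is pinned by an MD5 digest and a SIZE only, and this is the distfile the port now depends on for the privmsg.php fix. MD5 gives little protection against a deliberately substituted tarball. If the ports framework in use accepts a stronger digest in distinfo, record one beside the MD5 line, and compare the digest with a value published by upstream rather than only with the file that was fetched.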
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/www/phpbb/Makefile,v
retrieving revision 1.21
diff -u -r1.21 Makefile
--- Makefile	27 Mar 2004 15:07:16 -0000	1.21
+++ Makefile	30 Mar 2004 13:48:59 -0000
@@ -7,11 +7,11 @@
 
 PORTNAME=	phpbb
 PORTVERSION=	2.0.8
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
-DISTNAME=	phpBB-${PORTVERSION}
+DISTNAME=	phpBB-${PORTVERSION}a
 
 MAINTAINER=	liukang@bjpu.edu.cn
 COMMENT=	A PHP-based bulletin board / discussion forum system
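Review bot: PORTVERSION stays at 2.0.8 while DISTNAME gains a hard-coded "a" suffix, so the package is still named after 2.0.8 (now with PORTREVISION 2) although it is built from the 2.0.8a tarball. Anyone matching installed package versions against an advisory for the privmsg.php SQL injection cannot tell from the package name that the upstream fix is included. Consider setting PORTVERSION to 2.0.8a and keeping "DISTNAME= phpBB-${PORTVERSION}", or state in the commit message that revision 2 corresponds to upstream 2.0.8a.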
@@ -61,7 +61,6 @@
 post-patch:
 	@ ${REINPLACE_CMD} -e "s#\.\./templates#/${PHPBBURL}/templates#" \
 	  ${WRKSRC}/docs/*.html
-	@ ${RM} ${WRKSRC}/*.orig
 
 post-configure:
 	@ ${SED} \
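Review bot: Dropping "@ ${RM} ${WRKSRC}/*.orig" from post-patch is only safe if no remaining patch in files/ touches ${WRKSRC}. This diff removes files/patch-privmsg.php but does not show whether other patch files are left; if any are, patch(1) backups with the .orig suffix will stay in the work directory, and if the install step copies ${WRKSRC} wholesale they will land in the installed forum tree. Either confirm files/ holds no other patches or keep the cleanup line.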

--- files/patch-privmsg.php	Sat Mar 27 23:07:16 2004
+++ /dev/null	Tue Mar 30 21:33:27 2004
@@ -1,21 +0,0 @@
---- privmsg.php	2004-03-18 19:51:32.000000000 +0000
-+++ privmsg.1.php	2004-03-26 19:51:07.000000000 +0000
-@@ -212,7 +212,17 @@
- 			break;
- 		case 'savebox':
- 			$l_box_name = $lang['Savebox'];
--			$pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
-+			
-+			//
-+			// For some obscure reason, the assignment 
-+			// concatenation operator was coded below, which 
-+			// allowed an attacker to append arbitrary SQL code
-+			// to the end of the $pm_sql_user variable.
-+			// This is fixed below.
-+			//
-+			// -shaun2k2
-+			//
-+			$pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
- 					AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) 
- 				OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- 					AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) 
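Review bot: Deleting files/patch-privmsg.php leaves the 'savebox' case protected only by what the 2.0.8a tarball ships, and nothing in this diff shows that was checked. Before committing, extract the new distfile and confirm that the savebox branch in privmsg.php assigns with "$pm_sql_user =" rather than appending with "$pm_sql_user .=". A line in the commit log saying so would let later readers see why the local patch could be dropped.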

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: pav 
State-Changed-When: Tue Mar 30 13:33:34 PST 2004 
State-Changed-Why:  
Committed, thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=64939 
>Unformatted:
