From oz@nixil.net  Tue May 23 14:37:42 2006
Return-Path: <oz@nixil.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2893616A507
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 23 May 2006 14:37:42 +0000 (UTC)
	(envelope-from oz@nixil.net)
Received: from nixil.net (nixil.net [161.58.222.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0ADFE43D48
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 23 May 2006 14:37:40 +0000 (GMT)
	(envelope-from oz@nixil.net)
Received: from nixil.net (localhost [127.0.0.1])
	by nixil.net (8.13.6/8.13.1) with ESMTP id k4NEbeir083162
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 23 May 2006 08:37:40 -0600 (MDT)
Received: (from oz@localhost)
	by nixil.net (8.13.6/8.13.1/Submit) id k4NEberC083161;
	Tue, 23 May 2006 08:37:40 -0600 (MDT)
Message-Id: <200605231437.k4NEberC083161@nixil.net>
Date: Tue, 23 May 2006 08:37:40 -0600 (MDT)
From: Phil Oleson <oz@nixil.net>
Reply-To: Phil Oleson <oz@nixil.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [PATCH] [SECURITY] www/mod_frontpage2-rtr upgrade to 5.0.2.4803
X-Send-Pr-Version: 3.113
X-GNATS-Notify: swhetzel@gmail.com, delphij@FreeBSD.org

>Number:         97693
>Category:       ports
>Synopsis:       [PATCH] [SECURITY] www/mod_frontpage2-rtr upgrade to 5.0.2.4803
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 23 14:40:15 GMT 2006
>Closed-Date:    Mon Jun 26 13:58:50 GMT 2006
>Last-Modified:  Mon Jun 26 13:58:50 GMT 2006
>Originator:     Phil Oleson
>Release:        FreeBSD 4.7-RELEASE-p28 i386
>Organization:
N/A
>Environment:
System: FreeBSD nixil.net 4.7-RELEASE-p28 FreeBSD 4.7-RELEASE-p28 #43: Wed Jul 20 09:35:30 MDT 2005 root@nixil.net:/usr/src/sys/compile/nixil i386

>Description:
	Upgrade to 5.0.2.4803 to fix Microsoft Security Bulletin MS06-017
>How-To-Repeat:
	N/A
>Fix:

	This patch will update FP to the latest patch rev.
BTW, we should look into possible mirror of these files, if possible because 
The Microsoft FrontPage 2002 Server Extensions for UNIX have an End-of-Life date of June 30, 2006

--- fp.patch begins here ---
diff -ruN mod_frontpage2-rtr.orig/Makefile mod_frontpage2-rtr/Makefile
--- mod_frontpage2-rtr.orig/Makefile	Tue May 23 01:17:49 2006
+++ mod_frontpage2-rtr/Makefile	Tue May 23 07:23:25 2006
@@ -2,12 +2,11 @@
 # Date created:         Tue Feb  4 13:59:20 CST 2003
 # Whom:                 hetzels@westbend.net
 #
-# $FreeBSD: ports/www/mod_frontpage2-rtr/Makefile,v 1.7 2006/05/23 07:17:49 simon Exp $
+# $FreeBSD: ports/www/mod_frontpage2-rtr/Makefile,v 1.6 2006/02/14 08:23:38 lawrance Exp $
 #
 
 PORTNAME=	mod_frontpage
-PORTVERSION=	5.0.2.2635
-PORTREVISION=	2
+PORTVERSION=	5.0.2.4803
 CATEGORIES=	www
 MASTER_SITES=	# Requries manual fetch of files from http://www.rtr.com/
 PKGNAMESUFFIX=	${AP_VERSION:S/+//}
@@ -15,8 +14,6 @@
 
 MAINTAINER=	swhetzel@gmail.com
 COMMENT=	Microsoft mod_frontpage (by RTR) for Apache ${FP_AP_VER}
-
-FORBIDDEN=	Remote code execution vulnerability
 
 RUN_DEPENDS=	${LOCALBASE}/${FP_SETPERM}:${PORTSDIR}/www/frontpage
 
diff -ruN mod_frontpage2-rtr.orig/distinfo mod_frontpage2-rtr/distinfo
--- mod_frontpage2-rtr.orig/distinfo	Wed Feb  9 13:13:26 2005
+++ mod_frontpage2-rtr/distinfo	Tue May 23 08:28:08 2006
@@ -1,8 +1,13 @@
-MD5 (fp5022635/fp50.alpha.tar.gz) = 63c26a9ff0b97b44692fd5717b892dc0
-SIZE (fp5022635/fp50.alpha.tar.gz) = 13245239
-MD5 (fp5022635/fp50.bsdi.tar.gz) = e1640a3d5eb06fbfe77827c68c387f64
-SIZE (fp5022635/fp50.bsdi.tar.gz) = 10484068
-MD5 (fp5022635/fp50.freebsd.tar.gz) = 15bb2e119f1c2c91a5f4855a0b8ca836
-SIZE (fp5022635/fp50.freebsd.tar.gz) = 10205076
-MD5 (fp5022635/fp50.solaris.tar.gz) = 98ef852e1db27ced23e7f5971146a4dd
-SIZE (fp5022635/fp50.solaris.tar.gz) = 11510762
+MD5 (fp5024803/fp50.alpha.tar.gz) = 14f7f18e18d36f1208524f88d53167fb
+SHA256 (fp5024803/fp50.alpha.tar.gz) = 6a9d2a1ae55a8ef260e59d98b8cf26ebf38f11123211c748647851526f1bd60b
+SIZE (fp5024803/fp50.alpha.tar.gz) = 13245946
+MD5 (fp5024803/fp50.bsdi.tar.gz) = ea789f27549835f41d7e54d7c73d98ce
+SHA256 (fp5024803/fp50.bsdi.tar.gz) = 002dd07212c060998742fe5fd781ecbd4226bab461c6704d451c378a548ad5e0
+SIZE (fp5024803/fp50.bsdi.tar.gz) = 10523532
+MD5 (fp5024803/fp50.freebsd.tar.gz) = f6754c6e25f252fe19b7dff047eecf39
+SHA256 (fp5024803/fp50.freebsd.tar.gz) = 97f8ec0368079c35a40a7f0afbe2e117bbc1c69a4774299c39490b0006015281
+SIZE (fp5024803/fp50.freebsd.tar.gz) = 10729480
+MD5 (fp5024803/fp50.solaris.tar.gz) = 7b7d8bc138459bb05185cf1f807d9f9c
+SHA256 (fp5024803/fp50.solaris.tar.gz) = f202e26434465fcec3e838b78fca40389d0d3f21b6ffa626bd533cc3f73c7b4f
+SIZE (fp5024803/fp50.solaris.tar.gz) = 11511771
+
--- fp.patch ends here ---


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: delphij 
State-Changed-When: Fri Jun 9 18:40:59 UTC 2006 
State-Changed-Why:  
Dear maintainer, 

Do you approve or disapprove the patch? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97693 
State-Changed-From-To: feedback->closed 
State-Changed-By: pav 
State-Changed-When: Mon Jun 26 13:58:42 UTC 2006 
State-Changed-Why:  
Port was updated to 4803 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97693 
>Unformatted:
