From 17b35bf4eb673045ba72b7905bcd190ef5ec1f80 Mon Sep 17 00:00:00 2001 From: Matthew Seaman Date: Fri, 20 Jun 2014 23:07:24 +0000 Subject: MFH: r358641,r358643 Fix botched initial attempt at MFH Security update to 4.2.4 - while here switch plist to use @sample The advisories: PMASA-2014-2 and PMASA-2014-3, have not been published yet, so there is very little concrete information about what the security problems are. About all there is comes from the change log, where the security issues are listed as: - bug #4464 [security] XSS injection due to unescaped db/table name in navigation hiding - bug #4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables ChaneLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view Approved by: portmgr --- databases/phpmyadmin/Makefile | 4 ++-- databases/phpmyadmin/distinfo | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/databases/phpmyadmin/Makefile b/databases/phpmyadmin/Makefile index 684eef9428e1..fa7b9a0ae9a2 100644 --- a/databases/phpmyadmin/Makefile +++ b/databases/phpmyadmin/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= phpMyAdmin -DISTVERSION= 4.1.12 +DISTVERSION= 4.2.4 CATEGORIES= databases www MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${DISTVERSION} DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages @@ -25,7 +25,7 @@ USE_PHP= ctype session filter mbstring json spl # FONTCONFIG in the graphics/gd port options. OPTIONS_DEFINE= APC BZ2 GD MCRYPT OPENSSL PDF XML ZIP ZLIB -OPTIONS_DEFAULT= APC BZ2 GD MCRYPT MYSQLI OPENSSL PDF XML ZIP ZLIB +OPTIONS_DEFAULT= BZ2 GD MCRYPT OPENSSL XML ZIP ZLIB OPTIONS_MULTI= DB_connect OPTIONS_MULTI_DB_connect= MYSQL MYSQLI diff --git a/databases/phpmyadmin/distinfo b/databases/phpmyadmin/distinfo index 0f1078b1738a..7114b90ec894 100644 --- a/databases/phpmyadmin/distinfo +++ b/databases/phpmyadmin/distinfo @@ -1,2 +1,2 @@ -SHA256 (phpMyAdmin-4.1.12-all-languages.tar.xz) = c91d37d9c61fa84e741423173474e5d2fde8f7e450169328c776e5485ebb3c18 -SIZE (phpMyAdmin-4.1.12-all-languages.tar.xz) = 4872100 +SHA256 (phpMyAdmin-4.2.4-all-languages.tar.xz) = aebcd7cfabd4993405340ecb2b76ce0cb4ab345a817ae7c371a830e22b2c2513 +SIZE (phpMyAdmin-4.2.4-all-languages.tar.xz) = 5176840 -- cgit v1.2.3