| author | Olli Hauer <ohauer@FreeBSD.org> | 2012-04-10 05:15:47 +0000 |
|---|---|---|
| committer | Olli Hauer <ohauer@FreeBSD.org> | 2012-04-10 05:15:47 +0000 |
| commit | 5e7bd302a14cb16d1cb8e8e3ca9b3cb4c38113cf | |
| tree | 601975998e501ea2bdf6bce8a41b48d1d5e2b933 /german | |
| parent | f8605d1a0524b1d116574a275513cc40798fcd78 | |
- update to 4.0.5
Vulnerability Details
=====================
Class: Cross-Site Request Forgery
Versions: 4.0.2 to 4.0.4, 4.1.1 to 4.2rc2
Fixed In: 4.0.5, 4.2
Description: Due to a lack of validation of the enctype form
attribute when making POST requests to xmlrpc.cgi,
a possible CSRF vulnerability was discovered. If a user
visits an HTML page with some malicious HTML code in it,
an attacker could make changes to a remote Bugzilla installation
on behalf of the victim's account by using the XML-RPC API
on a site running mod_perl. Sites running under mod_cgi
are not affected. Also the user would have had to be
already logged in to the target site for the vulnerability
to work.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=725663
CVE Number: CVE-2012-0453
Approved by: skv (implicit)
Notes:
svn path=/head/; revision=294492
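The advisory quoted in the commit message attributes the CSRF to xmlrpc.cgi not validating the form enctype on POST requests. The following is an added example, not code from Bugzilla or from this port: a server-side gate that refuses XML-RPC requests whose Content-Type is one an HTML form can produce. The allow-list of `text/xml` and `application/xml` and the function names are assumptions made for illustration.

```python
# Added example: server-side Content-Type gate for an XML-RPC endpoint.
# The accepted media types are an assumption, not Bugzilla's actual fix.

# Media types an HTML <form> can emit through its enctype attribute. A form on
# another site can submit these with the logged-in user's cookies attached.
FORM_ENCTYPES = {
    "application/x-www-form-urlencoded",
    "multipart/form-data",
    "text/plain",
}

# Assumed allow-list for XML-RPC request bodies.
XMLRPC_TYPES = {"text/xml", "application/xml"}


def media_type(content_type_header):
    """Return the lowercased media type without parameters, or '' if absent."""
    if not content_type_header:
        return ""
    return content_type_header.split(";", 1)[0].strip().lower()


def check_xmlrpc_request(method, content_type_header):
    """Return (allowed, reason) for a request to the XML-RPC endpoint."""
    if method.upper() != "POST":
        return False, "XML-RPC calls must use POST"
    mtype = media_type(content_type_header)
    if mtype in FORM_ENCTYPES:
        return False, "form enctype %r can be sent cross-site" % mtype
    if mtype not in XMLRPC_TYPES:
        return False, "unexpected media type %r" % mtype
    return True, "ok"


# Constructed sample requests: (method, Content-Type header)
SAMPLES = [
    ("POST", "text/xml; charset=UTF-8"),          # ordinary XML-RPC client
    ("POST", "text/plain"),                       # <form enctype="text/plain">
    ("POST", "Multipart/Form-Data; boundary=x"),  # mixed case, with parameter
    ("POST", None),                               # header missing
]

if __name__ == "__main__":
    for method, ctype in SAMPLES:
        print(method, repr(ctype), "->", check_xmlrpc_request(method, ctype))
```
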
Diffstat (limited to 'german')
-rw-r--r-- | german/bugzilla/Makefile | 2 |
-rw-r--r-- | german/bugzilla/distinfo | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/german/bugzilla/Makefile b/german/bugzilla/Makefile index 4da95136a02b..96d74d485465 100644 --- a/german/bugzilla/Makefile +++ b/german/bugzilla/Makefile @@ -6,7 +6,7 @@ # PORTNAME= bugzilla -PORTVERSION= 4.0.4 +PORTVERSION= 4.0.5 CATEGORIES= german MASTER_SITES= SF MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION} diff --git a/german/bugzilla/distinfo b/german/bugzilla/distinfo index 3b3260cdfd4e..0903b4ed35ca 100644 --- a/german/bugzilla/distinfo +++ b/german/bugzilla/distinfo @@ -1,2 +1,2 @@ -SHA256 (bugzilla/germzilla-4.0.4-1.utf-8.tar.gz) = 41bd9d9155df1fa686ef2a04baf30d3c2bf29e88f7bfb29703ca4065cdb578bb -SIZE (bugzilla/germzilla-4.0.4-1.utf-8.tar.gz) = 264093 +SHA256 (bugzilla/germzilla-4.0.5-1.utf-8.tar.gz) = 4bb1b085e040eef4cef0612104cc7a03bb8db48f309644d69e6a716b5407572a +SIZE (bugzilla/germzilla-4.0.5-1.utf-8.tar.gz) = 264181 |
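Review bot: In german/bugzilla/Makefile the bump to PORTVERSION= 4.0.5 is justified in the commit message by the xmlrpc.cgi CSRF, but the neighbouring lines show this port fetching from MASTER_SITE_SUBDIR=bugzilla-de and the distfile is a germzilla tarball, so the diff does not show that this distfile contains xmlrpc.cgi at all. Suggest the message state whether the port ships the affected code or is only being kept in step with the 4.0.5 release, so that anyone auditing exposure to CVE-2012-0453 from the log is not misled.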
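Review bot: In german/bugzilla/distinfo the new SHA256 and SIZE for germzilla-4.0.5-1.utf-8.tar.gz are the only integrity anchor for a tarball fetched from MASTER_SITES= SF, and nothing in the commit says how they were obtained. Suggest noting that the values were checked against a checksum or signature published by the upstream project rather than generated from a single download, since a hash computed from a tampered mirror copy would pass every later fetch.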