diff options
Diffstat (limited to 'www/phpbb')
| -rw-r--r-- | www/phpbb/Makefile | 8 | ||||
| -rw-r--r-- | www/phpbb/files/security-patch-includes-sessions.php (renamed from www/phpbb/files/patch-includes-sessions.php) | 0 |
2 files changed, 8 insertions, 0 deletions
diff --git a/www/phpbb/Makefile b/www/phpbb/Makefile index 0490e4d65982..a629909a6f27 100644 --- a/www/phpbb/Makefile +++ b/www/phpbb/Makefile @@ -7,6 +7,7 @@ PORTNAME= phpbb PORTVERSION= 2.0.20 +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -31,6 +32,13 @@ WWWGRP?= www # # End of user-configurable variables. +# XXX The phpBB folks does not seem to care about the session table DoS +# issue. You can disable the patch at your own risk to make the +# visual authentication work. +.if !defined(WITHOUT_ANTI_SESSIONTAB_DOS_PATCH) +EXTRA_PATCHES= ${FILESDIR}/security-patch-includes-sessions.php +.endif + # Set/override/append to variables from bsd.port.mk: # WRKSRC= ${WRKDIR}/phpBB2 diff --git a/www/phpbb/files/patch-includes-sessions.php b/www/phpbb/files/security-patch-includes-sessions.php index a84aa2f04322..a84aa2f04322 100644 --- a/www/phpbb/files/patch-includes-sessions.php +++ b/www/phpbb/files/security-patch-includes-sessions.php |