notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: devel/bugzilla3/distinfo

Number of commits found: 10

Wednesday, 20 Feb 2013
06:16 ohauer search for other commits by this committer
- update bugzilla ports to latest version

  Bugzilla 4.0.10 and 3.6.13 are security updates for the 4.0
  branch and the 3.6 branch, respectively. 4.0.10 contains several
  useful bug fixes and 3.6.13 contains only security fixes.

Security:	CVE-2013-0785
		CVE-2013-0786
Original commitRevision:312611 
Wednesday, 14 Nov 2012
19:29 ohauer search for other commits by this committer
- bugzilla security updates to version(s)
  3.6.11, 4.0.8, 4.2.4

Summary
=======

The following security issues have been discovered in Bugzilla:

* Confidential product and component names can be disclosed to
  unauthorized users if they are used to control the visibility of
  a custom field.

* When calling the 'User.get' WebService method with a 'groups'
  argument, it is possible to check if the given group names exist
  or not.

* Due to incorrectly filtered field values in tabular reports, it is
  possible to inject code which can lead to XSS.

* When trying to mark an attachment in a bug you cannot see as
  obsolete, the description of the attachment is disclosed in the
  error message.

* A vulnerability in swfstore.swf from YUI2 can lead to XSS.

Feature safe: yes

Security:	CVE-2012-4199
		https://bugzilla.mozilla.org/show_bug.cgi?id=731178

		CVE-2012-4198
		https://bugzilla.mozilla.org/show_bug.cgi?id=781850

		CVE-2012-4189
		https://bugzilla.mozilla.org/show_bug.cgi?id=790296

		CVE-2012-4197
		https://bugzilla.mozilla.org/show_bug.cgi?id=802204

		CVE-2012-5475
		https://bugzilla.mozilla.org/show_bug.cgi?id=808845
		http://yuilibrary.com/support/20121030-vulnerability/
Original commitRevision:307425 
Saturday, 1 Sep 2012
20:16 ohauer search for other commits by this committer
- update bugzilla bugzilla3 and bugzilla42
- use new bugzilla@ address (members skv@, tota@, ohauer@)
- patch russian/japanese/german bugzilla and bugzilla templates
  so the reflect the security updates in the original templates
- patch german/bugzilla42 templates
- adopt new Makefile header

	vuxml: 6ad18fe5-f469-11e1-920d-20cf30e32f6d
	CVE: CVE-2012-3981
	https://bugzilla.mozilla.org/show_bug.cgi?id=785470
	https://bugzilla.mozilla.org/show_bug.cgi?id=785522
	https://bugzilla.mozilla.org/show_bug.cgi?id=785511
Original commitRevision:303519 
Friday, 27 Jul 2012
21:34 ohauer search for other commits by this committer
- security update bugzilla
  new Versions: 3.6.10, 4.0.7, 4.2.2

  4.2.2

  This release fixes two security issues. See the Security Advisory for details.

  In addition, the following important fixes/changes have been made in this
release:

  o A regression introduced in Bugzilla 4.0 caused some login names to be
ignored
    when entered in the CC list of bugs. (Bug 756314)
  o Some queries could trigger an invalid SQL query if strings entered by the
user
    contained leading or trailing whitespaces. (Bug 760075)
  o The auto-completion form for keywords no longer automatically selects the
    first keyword in the list when the field is empty. (Bug 764517)
  o A regression in Bugzilla 4.2 prevented classifications from being used in
    graphical and tabular reports in the "Multiple Tables" field. (Bug 753688)
  o Attachments created by the email_in.pl script were associated to the wrong
    comment. (Bug 762785)
  o Very long dependency lists can now be viewed correctly. (Bug 762783)
  o Keywords are now correctly escaped in the auto-completion form to prevent
any
    XSS abuse. (Bug 754561)
  o A regression introduced in Bugzilla 4.0rc2 when fixing CVE-2011-0046 caused
    the "Un-forget the search" link to not work correctly anymore when restoring
a
    deleted saved search, because this link was lacking a valid token. (Bug
768870)
  o Two minor CSRF vulnerabilities have been fixed which could let an attacker
    alter your default search criteria in the Advanced Search page. (Bugs 754672
    and 754673)

  4.0.7

  This release fixes one security issue. See the Security Advisory for details.

  In addition, the following bugs have been fixed in this release:

  o A regression introduced in Bugzilla 4.0 caused some login names to be
ignored
    when entered in the CC list of bugs. (Bug 756314)
  o Keywords are now correctly escaped in the auto-complete form to prevent any
    XSS abuse. (Bug 754561)
  o A regression introduced in Bugzilla 4.0rc2 when fixing CVE-2011-0046 caused
    the "Un-forget the search" link to not work correctly anymore when restoring
a
    deleted saved search, because this link was lacking a valid token. (Bug
768870)

  3.6.10

  This release fixes one security issue. See the Security Advisory for details.
  http://www.bugzilla.org/security/3.6.9/

Approved by:	implicit skv@ (bugzilla / bugzilla3)
Security:	CVE-2012-1968
		CVE-2012-1969
		https://bugzilla.mozilla.org/show_bug.cgi?id=777398
		https://bugzilla.mozilla.org/show_bug.cgi?id=777586
		vid=58253655-d82c-11e1-907c-20cf30e32f6d
Original commit
Saturday, 21 Apr 2012
17:37 ohauer search for other commits by this committer
- security update to bugzilla 3.0.9 and 4.0.6
- update russian/bugzilla3-ru template
- patch german templates so revision match and no warning is displayed
- add vuxml entry

Approved by:    skv (implicit)
Security:       https://bugzilla.mozilla.org/show_bug.cgi?id=728639
                https://bugzilla.mozilla.org/show_bug.cgi?id=745397
                CVE-2012-0465
                CVE-2012-0466
Original commit
Monday, 6 Feb 2012
12:08 skv search for other commits by this committer
Update to 3.6.8

Changes:       
http://www.bugzilla.org/releases/3.6.8/release-notes.html#v36_point
Security:      
http://www.vuxml.org/freebsd/309542b5-50b9-11e1-b0d8-00151735203a.html
Original commit
Thursday, 5 Jan 2012
17:25 ohauer search for other commits by this committer
- update to version 3.6.7
- CVE-2011-3657
- CVE-2011-3667

Summary
=======

The following security issues have been discovered in Bugzilla:

* When viewing tabular or graphical reports as well as new charts,
  an XSS vulnerability is possible in debug mode.

* The User.offer_account_by_email WebService method lets you create
  a new user account even if the active authentication method forbids
  users to create an account.

* A CSRF vulnerability in post_bug.cgi and in attachment.cgi could
  lead to the creation of unwanted bug reports and attachments.

All affected installations are encouraged to upgrade as soon as possible.

Full Release Notes:
http://www.bugzilla.org/security/3.4.12/

Approved by:    skv@ (explicit)
Original commit
Saturday, 13 Aug 2011
18:25 skv search for other commits by this committer
Update to 3.6.6

Changes:        http://www.bugzilla.org/releases/3.6.6/release-notes.html
Security:      
http://www.vuxml.org/freebsd/dc8741b9-c5d5-11e0-8a8e-00151735203a.html
Original commit
Monday, 18 Jul 2011
21:56 ohauer search for other commits by this committer
- create missing (empty) directory (bugzilla) so checksetup does not fail
- use DIST_SUBDIR for bugzilla and all translations
- sort pkg-plist (genplist)

OK from bugzilla maintainers per PM.

PR:             ports/158766
Submitted by:   ohauer
Original commit
Tuesday, 7 Jun 2011
13:30 skv search for other commits by this committer
- Copy devel/bugzilla to devel/bugzilla3; russian/bugzilla-ru to
russian/bugzilla3-ru
- Update devel/bugzilla, russian/bugzilla-ru to 4.0.1
- Update devel/bugzilla3, russian/bugzilla3-ru to 3.6.5

Changes:        http://www.bugzilla.org/releases/4.0.1/release-notes.html
                http://www.bugzilla.org/releases/3.6.5/release-notes.html
Original commit

Number of commits found: 10