19:35 ohauer 

- update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
  can lead to a bug being edited without the user consent.

* A CSRF vulnerability in attachment.cgi can lead to an attachment
  being edited without the user consent.

* Several unfiltered parameters when editing flagtypes can lead to XSS.

* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
  field values in tabular reports can lead to XSS.

All affected installations are encouraged to upgrade as soon as
possible.

[1]  even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is
recommend

Security:	vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
		CVE-2013-1733
		CVE-2013-1734
		CVE-2013-1742
		CVE-2013-1743

 

10:38 ohauer 

- fix typo in OPTION group

 

21:54 ohauer 

- use OPTION_GROUP in all devel/bugzilla ports
- s/CONFLICTS/CONFLICTS_INSTALL/
- use easier CONFLICT notation (future proof)
- trim Makefile.common header
- update russian/bugzilla42 language template to version 4.2.6

 

21:37 ohauer 

- new port bugzilla42

New Features and Improvements:
- Experimental SQLite Support
- Creating an Attachment by Pasting Text Into a Text Field
- HTML Bugmail (default: on  can be disabled in user preference)
- Improved Searching System
- Disabling Old Components, Versions and Milestones
- Displaying a Custom Field Value Based on Multiple Values of Another Field
- Auditing of All Changes Within Bugzilla
- Accessibility Improvements

And many other Improvements, for complete list see:
 http://www.bugzilla.org/releases/4.2.1/release-notes.html