14:31 Mathieu Arnold (mat) 

Remove # $FreeBSD$ from Makefiles.

    305f148

06:58 sunpoet 

- Remove unnecessary PERL_LEVEL check
- Add NO_ARCH
- Convert to new options helper
- Use bsd.port.mk instead of bsd.port.pre.mk + bsd.port.post.mk

With hat:	perl
Approved by:	portmgr (blanket)

 

16:07 ohauer 

- update to 4.4.9

 

15:03 ohauer 

- update to 4.0.12, 4.2.8, 4.4.3
- move BINMODE to Makefile.common so it is also used in the language packs

Security:	CVE-2014-1517
Security:	608ed765-c700-11e3-848c-20cf30e32f6d
Security:	60bfa396-c702-11e3-848c-20cf30e32f6d

 

19:35 ohauer 

- update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
  can lead to a bug being edited without the user consent.

* A CSRF vulnerability in attachment.cgi can lead to an attachment
  being edited without the user consent.

* Several unfiltered parameters when editing flagtypes can lead to XSS.

* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
  field values in tabular reports can lead to XSS.

All affected installations are encouraged to upgrade as soon as
possible.

[1]  even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is
recommend

Security:	vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
		CVE-2013-1733
		CVE-2013-1734
		CVE-2013-1742
		CVE-2013-1743

 

19:00 ohauer 

- add STAGE support to bugzilla ports
- remove bugzilla3 CONFLICTS

 

22:21 ohauer 

New ports for bugzilla44
- devel/bugzilla44
- japanese/bugzilla44
- german/bugzilla44

Release Notes:
http://www.bugzilla.org/releases/4.4/release-notes.html