summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbsiegert <bsiegert>2015-10-26 21:01:16 +0000
committerbsiegert <bsiegert>2015-10-26 21:01:16 +0000
commit9cc63e0d1f0a6c983d44d3a864c39ab59356418f (patch)
treeac025b740d18d8d870045eb44e91f5051b9be9b9
parent87230c43ff02ff22472654c26ed6dfc678cc7717 (diff)
downloadpkgsrc-9cc63e0d1f0a6c983d44d3a864c39ab59356418f.tar.gz
Pullup ticket #4845 - requested by taca
www/drupal7: security fix Revisions pulled up: - www/drupal7/Makefile 1.34-1.35 - www/drupal7/PLIST 1.13 - www/drupal7/distinfo 1.27-1.28 --- Module Name: pkgsrc Committed By: wen Date: Sun Oct 18 03:30:53 UTC 2015 Modified Files: pkgsrc/www/drupal7: Makefile PLIST distinfo Log Message: Update to 7.40 Upstream changes: Drupal 7.40, 2015-10-14 ----------------------- - Made Drupal's code for parsing .info files run much faster and use much less memory. - Prevented drupal_http_request() from returning an error when it receives a 201 through 206 HTTP status code. - Added support for autoloading traits via the registry on sites running PHP 5.4 or higher. - Allowed the user-picture.tpl.php theme template to have HTML classes besides the default "user-picture" class printed in it (markup change). - Fixed the URL text filter to convert e-mail addresses with plus signs into mailto: links. - Added alternate text to file icons displayed by the File module, to improve accessibility (string change, and minor API addition to theme_file_icon()). - Changed one-time login link failure messages to be displayed as errors or warnings as appropriate, rather than as regular status messages (minor UI change and data structure change). - Changed the default settings.php configuration to exclude private files from the "404_fast_paths" behavior. - Changed the page that displays filter tips for a particular text format, for example filter/tips/full_html, to return "page not found" or "access denied" if the format does not exist or the user does not have access to it. This change adds a new menu item to the Filter module's hook_menu() entry (minor data structure change). - Added a new hook, hook_block_cid_parts_alter(), to allow modules to alter the cache keys used for caching a particular block. - Made drupal_set_message() display and return messages when "0" is passed in as the message to set. - Fixed non-functional "Files displayed by default" setting on file fields. - The "worker callback" provided in hook_cron_queue_info() and the "finished" callback specified during batch processing can now be any PHP callable instead of just functions. - Prevented drupal_set_time_limit() from decreasing the time limit in the case where the PHP maximum execution time is already unlimited. - Changed the default thousand marker for numeric fields from a space ("1 000") to nothing ("1000") (minor UI change: https://www.drupal.org/node/1388376). - Prevented malformed theme .info files (without a "name" key) from causing exceptions during menu rebuilds. If an .info file without a "name" key is found in a module or theme directory, Drupal will now use the module or theme's machine name as the display name instead. - Made the format column in the {date_format_locale} database table case-sensitive, to match the equivalent column in the {date_formats} table. - Fixed a bug in the Statistics module that caused JavaScript files attached to a node while it is being viewed to be omitted from the page. - Added an optional 'project:' prefix that can be added to dependencies in a module's .info file to indicate which project the dependency resides in (API addition: https://www.drupal.org/node/2299747). - Fixed various bugs that occurred after hooks were invoked early in the Drupal bootstrap and that caused module_implements() and drupal_alter() to cache an incomplete set of hook implementations for later use. - Set the X-Content-Type-Options header to "nosniff" when possible, to prevent certain web browsers from picking an unsafe MIME type. - Prevented the database API from executing multiple queries at once on MySQL, if the site's PHP version is new enough to do so. This is a secondary defense against SQL injection (API change: https://www.drupal.org/node/2463973). - Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused the upgrade to fail when there were multiple file records pointing to the same file. - Numerous small bug fixes. - Numerous API documentation improvements. - Additional automated test coverage. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 22 09:59:44 UTC 2015 Modified Files: pkgsrc/www/drupal7: Makefile distinfo Log Message: Update drupal7 to 7.41. Drupal 7.41, 2015-10-21 ----------------------- - Fixed security issues (open redirect). See SA-CORE-2015-004.
-rw-r--r--www/drupal7/Makefile4
-rw-r--r--www/drupal7/PLIST13
-rw-r--r--www/drupal7/distinfo9
3 files changed, 18 insertions, 8 deletions
diff --git a/www/drupal7/Makefile b/www/drupal7/Makefile
index f2f4507f1ff..71ecf9763b4 100644
--- a/www/drupal7/Makefile
+++ b/www/drupal7/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.33 2015/08/20 15:34:11 taca Exp $
+# $NetBSD: Makefile,v 1.33.2.1 2015/10/26 21:01:16 bsiegert Exp $
-DISTNAME= drupal-7.39
+DISTNAME= drupal-7.41
CATEGORIES= www
MASTER_SITES= http://ftp.drupal.org/files/projects/
diff --git a/www/drupal7/PLIST b/www/drupal7/PLIST
index 984da09ed6b..2c354af08ba 100644
--- a/www/drupal7/PLIST
+++ b/www/drupal7/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2015/06/18 11:44:04 taca Exp $
+@comment $NetBSD: PLIST,v 1.12.4.1 2015/10/26 21:01:16 bsiegert Exp $
share/doc/drupal/CHANGELOG.txt
share/doc/drupal/COPYRIGHT.txt
share/doc/drupal/INSTALL.mysql.txt
@@ -636,6 +636,11 @@ share/drupal/modules/simpletest/tests/batch.test
share/drupal/modules/simpletest/tests/batch_test.callbacks.inc
share/drupal/modules/simpletest/tests/batch_test.info
share/drupal/modules/simpletest/tests/batch_test.module
+share/drupal/modules/simpletest/tests/boot.test
+share/drupal/modules/simpletest/tests/boot_test_1.info
+share/drupal/modules/simpletest/tests/boot_test_1.module
+share/drupal/modules/simpletest/tests/boot_test_2.info
+share/drupal/modules/simpletest/tests/boot_test_2.module
share/drupal/modules/simpletest/tests/bootstrap.test
share/drupal/modules/simpletest/tests/cache.test
share/drupal/modules/simpletest/tests/common.test
@@ -654,6 +659,7 @@ share/drupal/modules/simpletest/tests/drupal_autoload_test/drupal_autoload_test.
share/drupal/modules/simpletest/tests/drupal_autoload_test/drupal_autoload_test.module
share/drupal/modules/simpletest/tests/drupal_autoload_test/drupal_autoload_test_class.inc
share/drupal/modules/simpletest/tests/drupal_autoload_test/drupal_autoload_test_interface.inc
+share/drupal/modules/simpletest/tests/drupal_autoload_test/drupal_autoload_test_trait.sh
share/drupal/modules/simpletest/tests/drupal_system_listing_compatible_test/drupal_system_listing_compatible_test.info
share/drupal/modules/simpletest/tests/drupal_system_listing_compatible_test/drupal_system_listing_compatible_test.module
share/drupal/modules/simpletest/tests/drupal_system_listing_incompatible_test/drupal_system_listing_incompatible_test.info
@@ -695,6 +701,7 @@ share/drupal/modules/simpletest/tests/menu_test.info
share/drupal/modules/simpletest/tests/menu_test.module
share/drupal/modules/simpletest/tests/module.test
share/drupal/modules/simpletest/tests/module_test.file.inc
+share/drupal/modules/simpletest/tests/module_test.implementations.inc
share/drupal/modules/simpletest/tests/module_test.info
share/drupal/modules/simpletest/tests/module_test.install
share/drupal/modules/simpletest/tests/module_test.module
@@ -732,6 +739,8 @@ share/drupal/modules/simpletest/tests/system_incompatible_module_version_depende
share/drupal/modules/simpletest/tests/system_incompatible_module_version_dependencies_test.module
share/drupal/modules/simpletest/tests/system_incompatible_module_version_test.info
share/drupal/modules/simpletest/tests/system_incompatible_module_version_test.module
+share/drupal/modules/simpletest/tests/system_project_namespace_test.info
+share/drupal/modules/simpletest/tests/system_project_namespace_test.module
share/drupal/modules/simpletest/tests/system_test.info
share/drupal/modules/simpletest/tests/system_test.module
share/drupal/modules/simpletest/tests/tablesort.test
@@ -943,6 +952,7 @@ share/drupal/modules/user/user.pages.inc
share/drupal/modules/user/user.permissions.js
share/drupal/modules/user/user.test
share/drupal/modules/user/user.tokens.inc
+share/drupal/profiles/README.txt
share/drupal/profiles/minimal/minimal.info
share/drupal/profiles/minimal/minimal.install
share/drupal/profiles/minimal/minimal.profile
@@ -1080,4 +1090,3 @@ share/drupal/update.php
share/drupal/xmlrpc.php
share/examples/drupal/default.settings.php
share/examples/drupal/drupal.conf
-@pkgdir share/drupal/files
diff --git a/www/drupal7/distinfo b/www/drupal7/distinfo
index 1528c7df2c6..27fc799d877 100644
--- a/www/drupal7/distinfo
+++ b/www/drupal7/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.26 2015/08/20 15:34:11 taca Exp $
+$NetBSD: distinfo,v 1.26.2.1 2015/10/26 21:01:16 bsiegert Exp $
-SHA1 (drupal-7.39.tar.gz) = 82cc4177502bc44f6bfe880311e0d81815e68f0f
-RMD160 (drupal-7.39.tar.gz) = cc9c78e446eaee12a8a6f40436c6588ff4892819
-Size (drupal-7.39.tar.gz) = 3249343 bytes
+SHA1 (drupal-7.41.tar.gz) = 2f1f93e17b5d1b04e0abed6a37b22dbee26a0b38
+RMD160 (drupal-7.41.tar.gz) = 19d30f67dabbda2df6980bc35e886f43ab021595
+SHA512 (drupal-7.41.tar.gz) = 57ee4fb1044d958a9f5698d2046fcd69427be6da30c57918735ced3fc7dbe1ffc4c69cac8362cd668ef0769d78b20461d78905f7e91212062e56351818dfbaf9
+Size (drupal-7.41.tar.gz) = 3257325 bytes