recomended!
From Security Advisory for Bugzilla:
: *** SECURITY ISSUES RESOLVED ***
:
: - Multiple instances of user-account hijacking capability were fixed (Bugs
: 54901, 108385, 185516)
:
: - Two occurrences of allowing data protected by Bugzilla's groupset
: restrictions to be visible to users outside of those groups were fixes
: (Bugs 102141, 108821)
:
: - One instance of an untrusted variable being echoed back to a user via
: HTML was fixed (Bug 98146)
:
: - Multiple instances of untrusted variables being passed to SQL queries
: were fixed (Bugs 108812, 108822, 109679, 109690)
* learn default distribution about some default FreeBSD settings
* add new option to setup XML modules used to export/import bugs to share
them between different Bugzilla instances
* use ${INSTALL_SCRIPT} rather than ${INSTALL}. Inspired by petef's letter.
This also caused me to think "when such complex system as FreeBSD ports
should do such simple things like prepearing of cap of coffee?"
* use ${INSTALL} directly instead of ${INSTALL_DATA} to preserve
exec permissions for scripts
* add post-install target to display pkg-message
* rewrite pkg-message to give minimal quick setup instructions
