FreeBSD Monitor
2014-10-31 15:43:25
www/davical: Reorganize port to fix DOCS option, Fix Mac OS contacts.app

The DOCS option dumped the critical dba directory along with non-docs
directories scripts and config into DOCSDIR, which resulted in a broken
port if the user turned off the DOCS option.

Reorganize the port to put dba and scripts in DATADIR, and config in
EXAMPLESDIR and add the EXAMPLES option. While here, use the @sample
keyword, clean up @dirrm, and tweak a bit.

The second PR fixes vcards on DAVICal servers for Mac OS 10.9.

PR: 187112
PR: 186502
2014-10-31 15:40:27
TWiki: fix CVE-2014-7236

This is remote Perl code execution via crafted GET variable "debugenableplugins",
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236

MFH: 2014Q4
Security: 21ce1840-6107-11e4-9e84-0022156e8794
2014-10-31 15:38:00
VuXML: document remote Perl code execution in TWiki

Crafted GET parameter "debugenableplugins" can be used to trigger
code execution,
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236