Index: devel/bugzilla/Makefile
===================================================================
RCS file: /home/pcvs/ports/devel/bugzilla/Makefile,v
retrieving revision 1.92
diff -u -r1.92 Makefile
--- devel/bugzilla/Makefile	10 Apr 2012 05:15:47 -0000	1.92
+++ devel/bugzilla/Makefile	21 Apr 2012 11:36:17 -0000
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	bugzilla
-PORTVERSION=	4.0.5
+PORTVERSION=	4.0.6
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_MOZILLA}
 MASTER_SITE_SUBDIR=	webtools webtools/archived
Index: devel/bugzilla/distinfo
===================================================================
RCS file: /home/pcvs/ports/devel/bugzilla/distinfo,v
retrieving revision 1.49
diff -u -r1.49 distinfo
--- devel/bugzilla/distinfo	10 Apr 2012 05:15:47 -0000	1.49
+++ devel/bugzilla/distinfo	21 Apr 2012 11:36:17 -0000
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.0.5.tar.gz) = 7583f2e7d8c74aa29e8583230024970b420f45f230538273b8eac4cd7c36acbe
-SIZE (bugzilla/bugzilla-4.0.5.tar.gz) = 2900587
+SHA256 (bugzilla/bugzilla-4.0.6.tar.gz) = f1894a2b05556b2074b6b1e3c7230c52d458b9bb22737845c12c8c84e15fe22e
+SIZE (bugzilla/bugzilla-4.0.6.tar.gz) = 2964924
Index: devel/bugzilla/pkg-plist
===================================================================
RCS file: /home/pcvs/ports/devel/bugzilla/pkg-plist,v
retrieving revision 1.41
diff -u -r1.41 pkg-plist
--- devel/bugzilla/pkg-plist	5 Jan 2012 17:25:28 -0000	1.41
+++ devel/bugzilla/pkg-plist	21 Apr 2012 11:36:17 -0000
@@ -795,7 +795,6 @@
 %%WWWDIR%%/template/en/default/list/list.csv.tmpl
 %%WWWDIR%%/template/en/default/list/list.html.tmpl
 %%WWWDIR%%/template/en/default/list/list.ics.tmpl
-%%WWWDIR%%/template/en/default/list/list.js.tmpl
 %%WWWDIR%%/template/en/default/list/list.rdf.tmpl
 %%WWWDIR%%/template/en/default/list/quips.html.tmpl
 %%WWWDIR%%/template/en/default/list/server-push.html.tmpl
Index: devel/bugzilla3/Makefile
===================================================================
RCS file: /home/pcvs/ports/devel/bugzilla3/Makefile,v
retrieving revision 1.89
diff -u -r1.89 Makefile
--- devel/bugzilla3/Makefile	6 Feb 2012 12:08:25 -0000	1.89
+++ devel/bugzilla3/Makefile	21 Apr 2012 11:36:17 -0000
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	bugzilla
-PORTVERSION=	3.6.8
+PORTVERSION=	3.6.9
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_MOZILLA}
 MASTER_SITE_SUBDIR=	webtools webtools/archived
Index: devel/bugzilla3/distinfo
===================================================================
RCS file: /home/pcvs/ports/devel/bugzilla3/distinfo,v
retrieving revision 1.48
diff -u -r1.48 distinfo
--- devel/bugzilla3/distinfo	6 Feb 2012 12:08:25 -0000	1.48
+++ devel/bugzilla3/distinfo	21 Apr 2012 11:36:17 -0000
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-3.6.8.tar.gz) = a07efee28c905d3b0afd10d1efe6fa6ecaaa7e0e89c299f1f20fe21a74ad16bf
-SIZE (bugzilla/bugzilla-3.6.8.tar.gz) = 2509304
+SHA256 (bugzilla/bugzilla-3.6.9.tar.gz) = 05d1fa9a7f0c9a75b9473959b0c9a0370608371da04e331c062ac8e21366af4b
+SIZE (bugzilla/bugzilla-3.6.9.tar.gz) = 2508965
Index: devel/bugzilla3/pkg-plist
===================================================================
RCS file: /home/pcvs/ports/devel/bugzilla3/pkg-plist,v
retrieving revision 1.38
diff -u -r1.38 pkg-plist
--- devel/bugzilla3/pkg-plist	5 Jan 2012 17:25:05 -0000	1.38
+++ devel/bugzilla3/pkg-plist	21 Apr 2012 11:36:17 -0000
@@ -666,7 +666,6 @@
 %%WWWDIR%%/template/en/default/list/list.csv.tmpl
 %%WWWDIR%%/template/en/default/list/list.html.tmpl
 %%WWWDIR%%/template/en/default/list/list.ics.tmpl
-%%WWWDIR%%/template/en/default/list/list.js.tmpl
 %%WWWDIR%%/template/en/default/list/list.rdf.tmpl
 %%WWWDIR%%/template/en/default/list/quips.html.tmpl
 %%WWWDIR%%/template/en/default/list/server-push.html.tmpl
Index: german/bugzilla/Makefile
===================================================================
RCS file: /home/pcvs/ports/german/bugzilla/Makefile,v
retrieving revision 1.6
diff -u -r1.6 Makefile
--- german/bugzilla/Makefile	10 Apr 2012 05:15:47 -0000	1.6
+++ german/bugzilla/Makefile	21 Apr 2012 11:36:17 -0000
@@ -7,6 +7,7 @@
 
 PORTNAME=	bugzilla
 PORTVERSION=	4.0.5
+PORTREVISION=	1
 CATEGORIES=	german
 MASTER_SITES=	SF
 MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION}
@@ -23,6 +24,12 @@
 
 LANGDIR=	${WWWDIR}/template/de
 
+# german template checks the bugzilla version number and displays
+# non supported bugzilla version, however there are no relevant
+# changes in the templates between 4.0.5 and 4.0.6
+post-patch:
+	@${SED} -i '' -e 's|4.0.5|4.0.6|' ${WRKDIR}/de/default/global/gzversion.html.tmpl
+
 do-install:
 	@-${MKDIR} ${LANGDIR}
 	@(cd ${WRKSRC}/de && ${COPYTREE_SHARE} . ${LANGDIR})
Index: german/bugzilla3/Makefile
===================================================================
RCS file: /home/pcvs/ports/german/bugzilla3/Makefile,v
retrieving revision 1.5
diff -u -r1.5 Makefile
--- german/bugzilla3/Makefile	13 Feb 2012 21:14:34 -0000	1.5
+++ german/bugzilla3/Makefile	21 Apr 2012 11:36:17 -0000
@@ -7,6 +7,7 @@
 
 PORTNAME=	bugzilla
 PORTVERSION=	3.6.8
+PORTREVISION=	1
 CATEGORIES=	german
 MASTER_SITES=	SF
 MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION}
@@ -25,6 +26,12 @@
 
 LANGDIR=	${WWWDIR}/template/de
 
+# german template checks the bugzilla version number and displays
+# non supported bugzilla version, however there are no relevant
+# changes in the template between 3.6.8 and 3.6.9
+post-patch:
+	@${SED} -i '' -e 's|3.6.8|3.6.9|' ${WRKDIR}/de/default/global/gzversion.html.tmpl
+
 do-install:
 	@-${MKDIR} ${LANGDIR}
 	@(cd ${WRKSRC}/de && ${COPYTREE_SHARE} . ${LANGDIR})
Index: russian/bugzilla3-ru/Makefile
===================================================================
RCS file: /home/pcvs/ports/russian/bugzilla3-ru/Makefile,v
retrieving revision 1.15
diff -u -r1.15 Makefile
--- russian/bugzilla3-ru/Makefile	20 Aug 2011 17:10:12 -0000	1.15
+++ russian/bugzilla3-ru/Makefile	21 Apr 2012 11:36:17 -0000
@@ -6,9 +6,10 @@
 #
 
 PORTNAME=	bugzilla
-DISTVERSION=	3.6.6-ru-20110808
+DISTVERSION=	3.6.9-ru-20120419
 CATEGORIES=	russian
-MASTER_SITES=	http://ftp.mozilla-russia.org/bugzilla/
+MASTER_SITES=	SF
+MASTER_SITE_SUBDIR=bugzilla-ru/bugzilla-3.6-ru/${PORTVERSION:R:R}
 PKGNAMESUFFIX=	-ru
 
 MAINTAINER=	skv@FreeBSD.org
Index: russian/bugzilla3-ru/distinfo
===================================================================
RCS file: /home/pcvs/ports/russian/bugzilla3-ru/distinfo,v
retrieving revision 1.9
diff -u -r1.9 distinfo
--- russian/bugzilla3-ru/distinfo	20 Aug 2011 17:10:12 -0000	1.9
+++ russian/bugzilla3-ru/distinfo	21 Apr 2012 11:36:17 -0000
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-3.6.6-ru-20110808.tar.gz) = dd9eaae1021361dd5c3e91acc5f51cddc3c1398d6cd8e36b1e2345fce52a741b
-SIZE (bugzilla/bugzilla-3.6.6-ru-20110808.tar.gz) = 323325
+SHA256 (bugzilla/bugzilla-3.6.9-ru-20120419.tar.gz) = a6c8fa4e70b5f0fb00fc1ba80a201d934b8ca1b214aef4006834655703b6544f
+SIZE (bugzilla/bugzilla-3.6.9-ru-20120419.tar.gz) = 323608
Index: security/vuxml/vuln.xml
===================================================================
RCS file: /home/pcvs/ports/security/vuxml/vuln.xml,v
retrieving revision 1.2665
diff -u -r1.2665 vuln.xml
--- security/vuxml/vuln.xml	19 Apr 2012 03:12:32 -0000	1.2665
+++ security/vuxml/vuln.xml	21 Apr 2012 11:36:18 -0000
@@ -52,6 +52,52 @@
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="09c87973-8b9d-11e1-b393-20cf30e32f6d">
+    <topic>bugzilla -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>bugzilla</name>
+	<range><ge>3.6.0</ge><lt>3.6.9</lt></range>
+	<range><ge>4.0.0</ge><lt>4.0.6</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<h1>A Bugzilla Security Advisory reports:</h1>
+	<blockquote cite="http://www.bugzilla.org/security/3.6.8/">
+	  <p>The following security issues have been discovered in Bugzilla:</p>
+	  <h1>Unauthorized Access</h1>
+	  <p>Due to a lack of proper validation of the X-FORWARDED-FOR
+	    header of an authentication request, an attacker could bypass
+	    the current lockout policy used for protection against brute-
+	    force password discovery. This vulnerability can only be 
+	    exploited if the 'inbound_proxies' parameter is set.
+	  </p>
+	  <h1>Cross Site Scripting</h1>
+	  <p>A JavaScript template used by buglist.cgi could be used
+	    by a malicious script to permit an attacker to gain access
+	    to some information about bugs he would not normally be
+	    allowed to see, using the victim's credentials. To be
+	    exploitable, the victim must be logged in when visiting
+	    the attacker's malicious page.
+	  </p>
+	  <p>All affected installations are encouraged to upgrade as soon as
+	    possible.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2012-0465</cvename>
+      <cvename>CVE-2012-0466</cvename>
+      <url>https://bugzilla.mozilla.org/show_bug.cgi?id=728639</url>
+      <url>https://bugzilla.mozilla.org/show_bug.cgi?id=745397</url>
+    </references>
+    <dates>
+      <discovery>2012-04-18</discovery>
+      <entry>2012-04-21</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="67516177-88ec-11e1-9a10-0023ae8e59f0">
   <topic>typo -- Cross-Site Scripting</topic>
     <affects>