authortron <tron@pkgsrc.org>2008-06-24 12:50:15 +0000
committertron <tron@pkgsrc.org>2008-06-24 12:50:15 +0000
commitf0fda74808f15a264263567396e08c274feef602 (patch)
tree5468ee531caa4a5999e5fa561f4d32dc4992d673
parentd8dcfec400af93d55d37d7f574bc3b602570c2f0 (diff)
downloadpkgsrc-f0fda74808f15a264263567396e08c274feef602.tar.gz
Pullup ticket #2432 - requested by taca
Security patch for geeklog Revisions pulled: - www/geeklog/Makefile 1.17-1.18 - www/geeklog/Makefile.common 1.6 - www/geeklog/distinfo 1.7 - www/geeklog/patches/patch-ah 1.1 --- Module Name: pkgsrc Committed By: joerg Date: Mon May 26 00:40:24 UTC 2008 Modified Files: pkgsrc/www/geeklog: Makefile Log Message: Needs full pax dependency. Bump revision. --- Module Name: pkgsrc Committed By: taca Date: Thu Jun 19 14:08:42 UTC 2008 Modified Files: pkgsrc/www/geeklog: Makefile Makefile.common distinfo Added Files: pkgsrc/www/geeklog/patches: patch-ah Log Message: Add a security fix for kses, HTML filter which isn't used with default configuration: http://www.geeklog.net/article.php/kses. Also fix one pkglint warning. Bump PKGREVISION.
-rw-r--r--www/geeklog/Makefile13
-rw-r--r--www/geeklog/Makefile.common3
-rw-r--r--www/geeklog/distinfo3
-rw-r--r--www/geeklog/patches/patch-ah26
4 files changed, 38 insertions, 7 deletions
diff --git a/www/geeklog/Makefile b/www/geeklog/Makefile
index b64ceabaa50..6d844039bcf 100644
--- a/www/geeklog/Makefile
+++ b/www/geeklog/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.16 2007/07/04 20:55:04 jlam Exp $
+# $NetBSD: Makefile,v 1.16.6.1 2008/06/24 12:50:15 tron Exp $
#
DISTNAME= geeklog-${VER}
PKGNAME= geeklog-${VER:C/(sr|-)/./g}
+PKGREVISION= 2
CATEGORIES= www
MASTER_SITES= http://www.geeklog.net/filemgmt/upload_dir/
@@ -13,6 +14,8 @@ COMMENT= PHP/MySQL based application for managing dynamic web content
DEPENDS+= ${APACHE_PKG_PREFIX}-${PHP_PKG_PREFIX}>=4.3.3:../../www/ap-php
DEPENDS+= ${PHP_PKG_PREFIX}-mysql>=4.3.0:../../databases/php-mysql
+USE_TOOLS+= pax:run
+
VER= 1.4.1
NO_BUILD= YES
@@ -108,19 +111,19 @@ do-install:
${INSTALL_SCRIPT} ${WRKDIR}/createdb.php ${GEEKLOG_DIR}
${INSTALL_DATA} ${WRKDIR}/geeklog.conf ${GEEKLOG_EXAMPLESDIR}
.for f in ${GEEKLOG_SYS}
- cd ${WRKSRC}; ${PAX} -rw ${f} ${GEEKLOG_DIR}
+ cd ${WRKSRC}; pax -rw ${f} ${GEEKLOG_DIR}
.endfor
cd ${WRKSRC}/public_html; \
- ${PAX} -rw admin ${GEEKLOG_DIR}; \
+ pax -rw admin ${GEEKLOG_DIR}; \
${RM} -rf admin
.for d in ${GEEKLOG_TMPL_SUB}
cd ${WRKSRC}/public_html; \
if [ -d ${d} ]; then \
- ${PAX} -rw ${d} ${GEEKLOG_TMPL_DIR}; \
+ pax -rw ${d} ${GEEKLOG_TMPL_DIR}; \
${RM} -rf ${d}; \
fi
.endfor
- cd ${WRKSRC}/public_html; ${PAX} -rw . ${GEEKLOG_PUBDIR}
+ cd ${WRKSRC}/public_html; pax -rw . ${GEEKLOG_PUBDIR}
.include "../../mk/apache.mk"
.include "../../lang/php/phpversion.mk"
diff --git a/www/geeklog/Makefile.common b/www/geeklog/Makefile.common
index a7cc7ef6c5d..3b439d54bf1 100644
--- a/www/geeklog/Makefile.common
+++ b/www/geeklog/Makefile.common
@@ -1,5 +1,6 @@
-# $NetBSD: Makefile.common,v 1.4 2007/05/20 15:56:44 taca Exp $
+# $NetBSD: Makefile.common,v 1.4.8.1 2008/06/24 12:50:15 tron Exp $
#
+# used by www/geeklog/Makefile
GEEKLOG_BASE= share/geeklog
GEEKLOG_PUB= share/httpd/geeklog
diff --git a/www/geeklog/distinfo b/www/geeklog/distinfo
index ff9691af136..daddbac0b01 100644
--- a/www/geeklog/distinfo
+++ b/www/geeklog/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.6 2007/05/20 15:56:44 taca Exp $
+$NetBSD: distinfo,v 1.6.8.1 2008/06/24 12:50:15 tron Exp $
SHA1 (geeklog-1.4.1.tar.gz) = c323c29b523598b97d7e0957435c0ec0c31cb290
RMD160 (geeklog-1.4.1.tar.gz) = bfac9946b34d0254fedd3a54cf742b044d347a3c
@@ -7,3 +7,4 @@ SHA1 (patch-aa) = f96a2391925ae66c9629ee4480053b71dc33d587
SHA1 (patch-ab) = 3cbc5f3845eaaf78c349e1bc82e8e792627a12db
SHA1 (patch-ac) = e5523aab7a13f014ecb961a53f8d962115c4d7b4
SHA1 (patch-ag) = 207ef0801d865ff16d2a99f0732ea0cb49ce2ad5
+SHA1 (patch-ah) = 376e1208f0ec332e9da243a9a475d5569158d6d3
diff --git a/www/geeklog/patches/patch-ah b/www/geeklog/patches/patch-ah
new file mode 100644
index 00000000000..efcf7dcec98
--- /dev/null
+++ b/www/geeklog/patches/patch-ah
@@ -0,0 +1,26 @@
+$NetBSD: patch-ah,v 1.1.2.2 2008/06/24 12:50:15 tron Exp $
+
+A security fix for HTML filter: http://www.geeklog.net/article.php/kses.
+This problem will be fixed in Geeklog 1.5.0.
+
+--- system/classes/kses.class.php.orig 2006-05-15 14:49:44.000000000 +0900
++++ system/classes/kses.class.php
+@@ -941,12 +941,12 @@
+ */
+ function _bad_protocol_once($string)
+ {
+- return preg_replace(
+- '/^((&[^;]*;|[\sA-Za-z0-9])*)'.
+- '(:|&#58;|&#[Xx]3[Aa];)\s*/e',
+- '\$this->_bad_protocol_once2("\\1")',
+- $string
+- );
++ $string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
++ if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
++ {
++ $string = $this->_bad_protocol_once2($string2[0]).trim($string2[1]);
++ }
++ return $string;
+ }
+
+ /**
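Review bot: The split pattern in the new `_bad_protocol_once` body recognises a colon only as `:`, `&#58;` or `&#x3a;`, so a zero-padded numeric character reference for the colon is not treated as a protocol separator at this point. Unless entities are already normalised before this method is reached (the callers are outside the hunk), the pattern should tolerate leading zeros, e.g. `preg_split('/:|&#0*58;|&#x0*3a;/i', $string, 2)`. The patch header only says "A security fix for HTML filter"; it would help later maintainers to state the defect class, for instance `Replace preg_replace() with the /e modifier, which appears to evaluate the captured input inside a PHP string, with preg_split().` Any other `/e` patterns in kses.class.php are not visible here and are worth a separate audit against the same criterion.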