diff options
author | salo <salo> | 2005-09-03 13:20:00 +0000 |
---|---|---|
committer | salo <salo> | 2005-09-03 13:20:00 +0000 |
commit | c853da290245ae9c60f011949de16bd95b7f009c (patch) | |
tree | 759c47c01f181751020276f57f27e679cdd954a7 | |
parent | bf00d51ba2a11aac7e61461be6dc75528d3d24b3 (diff) | |
download | pkgsrc-c853da290245ae9c60f011949de16bd95b7f009c.tar.gz |
Pullup ticket 725 - requested by Adrian Portelli
security fixes for phpldapadmin
Revisions pulled up:
- pkgsrc/databases/phpldapadmin/Makefile 1.8, 1.9, 1.10
- pkgsrc/databases/phpldapadmin/distinfo 1.5
- pkgsrc/databases/phpldapadmin/patches/patch-aa 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Aug 30 14:26:32 UTC 2005
Modified Files:
pkgsrc/databases/phpldapadmin: Makefile distinfo
Added Files:
pkgsrc/databases/phpldapadmin/patches: patch-aa
Log Message:
Patch via Debian for recent security issue
Bump to nb2
---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Aug 30 15:28:48 UTC 2005
Modified Files:
pkgsrc/databases/phpldapadmin: Makefile
Log Message:
Remove .orig file in pre-install from patch-aa. Spotted by salo@.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Sep 1 19:56:57 UTC 2005
Modified Files:
pkgsrc/databases/phpldapadmin: Makefile
Log Message:
Add a depends on apache
Fix up previous handling of new patch as suggested by salo@ in private
email.
Bump PKGREVISION
-rw-r--r-- | databases/phpldapadmin/Makefile | 6 | ||||
-rw-r--r-- | databases/phpldapadmin/distinfo | 3 | ||||
-rw-r--r-- | databases/phpldapadmin/patches/patch-aa | 15 |
3 files changed, 21 insertions, 3 deletions
diff --git a/databases/phpldapadmin/Makefile b/databases/phpldapadmin/Makefile index 6cc5dd5f48e..bafd36d7b3c 100644 --- a/databases/phpldapadmin/Makefile +++ b/databases/phpldapadmin/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.7 2005/05/23 22:01:42 adrianp Exp $ +# $NetBSD: Makefile,v 1.7.2.1 2005/09/03 13:20:00 salo Exp $ DISTNAME= phpldapadmin-${VERSION} -PKGREVISION= 1 +PKGREVISION= 3 CATEGORIES= databases www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=phpldapadmin/} @@ -43,6 +43,8 @@ do-install: cd ${WRKSRC} && ${PAX} \ -s /\.#// \ -s /\.cvsignore// \ + -s /\.orig// \ -rwppm . ${PREFIX}/share/phpldapadmin +.include "../../mk/apache.mk" .include "../../mk/bsd.pkg.mk" diff --git a/databases/phpldapadmin/distinfo b/databases/phpldapadmin/distinfo index fca88dd52da..6bebd134e64 100644 --- a/databases/phpldapadmin/distinfo +++ b/databases/phpldapadmin/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.4 2005/05/19 23:12:17 seb Exp $ +$NetBSD: distinfo,v 1.4.2.1 2005/09/03 13:20:00 salo Exp $ SHA1 (phpldapadmin-0.9.6c.tar.gz) = 52d094ec62892409d766629c42a32e076076bd97 RMD160 (phpldapadmin-0.9.6c.tar.gz) = 29280777527af4531119ecfa5365cce7d899cd50 Size (phpldapadmin-0.9.6c.tar.gz) = 707109 bytes +SHA1 (patch-aa) = b921f4574b5613e0182456891eec7e5001ddc1a6 diff --git a/databases/phpldapadmin/patches/patch-aa b/databases/phpldapadmin/patches/patch-aa new file mode 100644 index 00000000000..08535c1e3f7 --- /dev/null +++ b/databases/phpldapadmin/patches/patch-aa @@ -0,0 +1,15 @@ +$NetBSD: patch-aa,v 1.1.2.2 2005/09/03 13:20:00 salo Exp $ + +--- login.php.orig 2005-04-15 14:16:59.000000000 +0100 ++++ login.php +@@ -30,7 +30,9 @@ $ldapserver = new LDAPServer($server_id) + $dn = isset( $_POST['login_dn'] ) ? $_POST['login_dn'] : null; + $uid = isset( $_POST['uid'] ) ? $_POST['uid'] : null; + $pass = isset( $_POST['login_pass'] ) ? $_POST['login_pass'] : null; +-$anon_bind = isset( $_POST['anonymous_bind'] ) && $_POST['anonymous_bind'] == 'on' ? true : false; ++$anon_bind = isset( $_POST['anonymous_bind'] ) && ++ $_POST['anonymous_bind'] == 'on' && ++ $ldapserver->isAnonBindAllowed() ? true : false; + + if( ! $anon_bind ) + strlen($pass) or pla_error( $lang['password_blank'] ); |