Update contao210 package to 2.10.2.

It is really fix the XSS problem.

Version 2.10.2 (2011-10-10)
---------------------------
- Updated: updated TinyMCE to version 3.4.6
- Fixed: do not remove slashes just because get_magic_quotes_gpc() exists
- Fixed: CSS units were not always applied when used with global variables
  (#3464)
- Fixed: the task deadline field did not show the date picker (#3351)
- Fixed: do not return empty lines in the compileDefinition hook (#3440)
- Fixed: the TinyMCE spellchecker did not work anymore (#3487)
- Fixed: the regexp for validating phone numbers accepted invalid values
  (#3493)
- Fixed: added the new HTML5 elements to the valid TinyMCE tags (#3479)
- Fixed: the style sheet generator did not support absolute URLs (#3512)
- Fixed: fixed a potential XSS vulnerability (thanks to sschurtz)
- Fixed a few minor issues

4 files changed, 7 insertions, 43 deletions

diff --git a/www/contao/Makefile.common b/www/contao/Makefile.common
index 4ab577ddd34..619ca49e115 100644
--- a/www/contao/Makefile.common
+++ b/www/contao/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.3 2011/08/31 14:33:22 taca Exp $
+# $NetBSD: Makefile.common,v 1.4 2011/10/10 16:32:59 taca Exp $
 #
 # used by www/contao29/Makefile
 # used by www/contao29-example/Makefile
@@ -10,7 +10,7 @@
 
 # current release
 CT29_VERSION=	2.9.5
-CT210_VERSION=	2.10.1
+CT210_VERSION=	2.10.2
 
 CT_VERS?=	210
 
diff --git a/www/contao210/Makefile b/www/contao210/Makefile
index 3168f4d6014..a4d3c0cf74f 100644
--- a/www/contao210/Makefile
+++ b/www/contao210/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.3 2011/10/07 12:28:11 taca Exp $
+# $NetBSD: Makefile,v 1.4 2011/10/10 16:32:59 taca Exp $
 #
 
 DISTNAME=	contao-${CT_VERSION}
 PKGNAME=	contao${CT_VER}-${CT_PKGVER}
-PKGREVISION=	2
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=typolight/}
 
diff --git a/www/contao210/distinfo b/www/contao210/distinfo
index f7f1ec1bb6f..4e812a58724 100644
--- a/www/contao210/distinfo
+++ b/www/contao210/distinfo
@@ -1,6 +1,5 @@
-$NetBSD: distinfo,v 1.3 2011/10/07 12:28:11 taca Exp $
+$NetBSD: distinfo,v 1.4 2011/10/10 16:32:59 taca Exp $
 
-SHA1 (contao-2.10.1.tar.gz) = f8139b1baef077f5ddb2ba5b7d3fc6b6169db147
-RMD160 (contao-2.10.1.tar.gz) = cb71bdadc9414bd03394ef71928b7fb00d3c5f0b
-Size (contao-2.10.1.tar.gz) = 4868666 bytes
-SHA1 (patch-system_modules_frontend_Frontend.php) = 9e3bc3196d93ef28ef1db842750ab40f50eb10f9
+SHA1 (contao-2.10.2.tar.gz) = 78db9e1ee385f169ac70e4c9a1e09d5bf1c6ef47
+RMD160 (contao-2.10.2.tar.gz) = d4feedfeadf93384bf3d76f8a380c0772b3a3c92
+Size (contao-2.10.2.tar.gz) = 4871543 bytes
diff --git a/www/contao210/patches/patch-system_modules_frontend_Frontend.php b/www/contao210/patches/patch-system_modules_frontend_Frontend.php
deleted file mode 100644
index 366484a1b06..00000000000
--- a/www/contao210/patches/patch-system_modules_frontend_Frontend.php
+++ /dev/null
@@ -1,34 +0,0 @@
-$NetBSD: patch-system_modules_frontend_Frontend.php,v 1.1 2011/10/07 12:28:11 taca Exp $
-
-* Fix potential XSS vulnerability, r1041.
-
---- system/modules/frontend/Frontend.php.orig	2011-08-19 12:08:32.000000000 +0000
-+++ system/modules/frontend/Frontend.php
-@@ -80,7 +80,7 @@ abstract class Frontend extends Controll
- 			return is_numeric($this->Input->get('id')) ? $this->Input->get('id') : null;
- 		}
- 
--		if (!strlen($this->Environment->request))
-+		if ($this->Environment->request == '')
- 		{
- 			return null;
- 		}
-@@ -106,13 +106,15 @@ abstract class Frontend extends Controll
- 			}
- 		}
- 
--		// Add fragments to $_GET array
-+		// DO NOT USE urldecode() HERE (XSS vulnerability)!
-+
-+		// Add the fragments to the $_GET array
- 		for ($i=1; $i<count($arrFragments); $i+=2)
- 		{
--			$_GET[urldecode($arrFragments[$i])] = urldecode($arrFragments[$i+1]);
-+			$_GET[$arrFragments[$i]] = $arrFragments[$i+1];
- 		}
- 
--		return strlen($arrFragments[0]) ? urldecode($arrFragments[0]) : null;
-+		return ($arrFragments[0] != '') ? $arrFragments[0] : null;
- 	}
- 
-