summaryrefslogtreecommitdiff
path: root/mail/roundcube
diff options
context:
space:
mode:
authortaca <taca@pkgsrc.org>2012-10-15 03:33:22 +0000
committertaca <taca@pkgsrc.org>2012-10-15 03:33:22 +0000
commit71b853488a039ed5bcee64e86ef4a1570fa801b5 (patch)
tree1139ed2f7e88c64cbb2ba2f77b6faf4b7f186677 /mail/roundcube
parent7cda3541dc0fcf14b85a81b23e61c1f565412f64 (diff)
downloadpkgsrc-71b853488a039ed5bcee64e86ef4a1570fa801b5.tar.gz
Add minimum fix for XSS with HTTP_USER_AGENT from the repository.
Bump PKGREVISION.
Diffstat (limited to 'mail/roundcube')
-rw-r--r--mail/roundcube/Makefile3
-rw-r--r--mail/roundcube/distinfo3
-rw-r--r--mail/roundcube/patches/patch-program_steps_utils_error.inc15
3 files changed, 19 insertions, 2 deletions
diff --git a/mail/roundcube/Makefile b/mail/roundcube/Makefile
index a25fc7adc36..f58d096ab89 100644
--- a/mail/roundcube/Makefile
+++ b/mail/roundcube/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.47 2012/10/08 12:19:30 asau Exp $
+# $NetBSD: Makefile,v 1.48 2012/10/15 03:33:22 taca Exp $
DISTNAME= roundcubemail-0.8.1-dep
PKGNAME= ${DISTNAME:S/mail-/-/:S/-dep//}
+PKGREVISION= 1
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=roundcubemail/}
diff --git a/mail/roundcube/distinfo b/mail/roundcube/distinfo
index bed71d089c3..21064ad99d0 100644
--- a/mail/roundcube/distinfo
+++ b/mail/roundcube/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.25 2012/08/21 15:26:31 taca Exp $
+$NetBSD: distinfo,v 1.26 2012/10/15 03:33:22 taca Exp $
SHA1 (roundcubemail-0.8.1-dep.tar.gz) = 3e9642800e7e5226057b54c61baba17f5ba75680
RMD160 (roundcubemail-0.8.1-dep.tar.gz) = 92430f23b5241ef9cf8942d75455d2aba84fdc72
@@ -7,3 +7,4 @@ SHA1 (patch-aa) = 4946fab1dd1a809d32de7fa16b9eb1075eb8424a
SHA1 (patch-ab) = ac9f7ac488f9c309fd1b30a8ecec73e52b245c11
SHA1 (patch-ac) = c25fc1c662bbdbde388165fe835e8af9b5665c5b
SHA1 (patch-af) = e2bae396f049b2c5030f24e539b7f418a3d09d78
+SHA1 (patch-program_steps_utils_error.inc) = d2062e13762d33bcd8426c7c2db1f49e910b9d50
diff --git a/mail/roundcube/patches/patch-program_steps_utils_error.inc b/mail/roundcube/patches/patch-program_steps_utils_error.inc
new file mode 100644
index 00000000000..2cb7cdf631d
--- /dev/null
+++ b/mail/roundcube/patches/patch-program_steps_utils_error.inc
@@ -0,0 +1,15 @@
+$NetBSD: patch-program_steps_utils_error.inc,v 1.1 2012/10/15 03:33:23 taca Exp $
+
+Minimum fix for XSS with HTTP_USER_AGENT from the repository.
+
+--- program/steps/utils/error.inc.orig 2012-08-17 19:34:07.000000000 +0000
++++ program/steps/utils/error.inc
+@@ -25,7 +25,7 @@
+
+ // browser is not compatible with this application
+ if ($ERROR_CODE==409) {
+- $user_agent = $_SERVER['HTTP_USER_AGENT'];
++ $user_agent = htmlentities($_SERVER['HTTP_USER_AGENT']);
+ $__error_title = 'Your browser does not suit the requirements for this application';
+ $__error_text = <<<EOF
+ <i>Supported browsers:</i><br />