diff options
author | taca <taca@pkgsrc.org> | 2012-10-15 03:33:22 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2012-10-15 03:33:22 +0000 |
commit | 71b853488a039ed5bcee64e86ef4a1570fa801b5 (patch) | |
tree | 1139ed2f7e88c64cbb2ba2f77b6faf4b7f186677 /mail/roundcube | |
parent | 7cda3541dc0fcf14b85a81b23e61c1f565412f64 (diff) | |
download | pkgsrc-71b853488a039ed5bcee64e86ef4a1570fa801b5.tar.gz |
Add minimum fix for XSS with HTTP_USER_AGENT from the repository.
Bump PKGREVISION.
Diffstat (limited to 'mail/roundcube')
-rw-r--r-- | mail/roundcube/Makefile | 3 | ||||
-rw-r--r-- | mail/roundcube/distinfo | 3 | ||||
-rw-r--r-- | mail/roundcube/patches/patch-program_steps_utils_error.inc | 15 |
3 files changed, 19 insertions, 2 deletions
diff --git a/mail/roundcube/Makefile b/mail/roundcube/Makefile index a25fc7adc36..f58d096ab89 100644 --- a/mail/roundcube/Makefile +++ b/mail/roundcube/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.47 2012/10/08 12:19:30 asau Exp $ +# $NetBSD: Makefile,v 1.48 2012/10/15 03:33:22 taca Exp $ DISTNAME= roundcubemail-0.8.1-dep PKGNAME= ${DISTNAME:S/mail-/-/:S/-dep//} +PKGREVISION= 1 CATEGORIES= mail MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=roundcubemail/} diff --git a/mail/roundcube/distinfo b/mail/roundcube/distinfo index bed71d089c3..21064ad99d0 100644 --- a/mail/roundcube/distinfo +++ b/mail/roundcube/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.25 2012/08/21 15:26:31 taca Exp $ +$NetBSD: distinfo,v 1.26 2012/10/15 03:33:22 taca Exp $ SHA1 (roundcubemail-0.8.1-dep.tar.gz) = 3e9642800e7e5226057b54c61baba17f5ba75680 RMD160 (roundcubemail-0.8.1-dep.tar.gz) = 92430f23b5241ef9cf8942d75455d2aba84fdc72 @@ -7,3 +7,4 @@ SHA1 (patch-aa) = 4946fab1dd1a809d32de7fa16b9eb1075eb8424a SHA1 (patch-ab) = ac9f7ac488f9c309fd1b30a8ecec73e52b245c11 SHA1 (patch-ac) = c25fc1c662bbdbde388165fe835e8af9b5665c5b SHA1 (patch-af) = e2bae396f049b2c5030f24e539b7f418a3d09d78 +SHA1 (patch-program_steps_utils_error.inc) = d2062e13762d33bcd8426c7c2db1f49e910b9d50 diff --git a/mail/roundcube/patches/patch-program_steps_utils_error.inc b/mail/roundcube/patches/patch-program_steps_utils_error.inc new file mode 100644 index 00000000000..2cb7cdf631d --- /dev/null +++ b/mail/roundcube/patches/patch-program_steps_utils_error.inc @@ -0,0 +1,15 @@ +$NetBSD: patch-program_steps_utils_error.inc,v 1.1 2012/10/15 03:33:23 taca Exp $ + +Minimum fix for XSS with HTTP_USER_AGENT from the repository. + +--- program/steps/utils/error.inc.orig 2012-08-17 19:34:07.000000000 +0000 ++++ program/steps/utils/error.inc +@@ -25,7 +25,7 @@ + + // browser is not compatible with this application + if ($ERROR_CODE==409) { +- $user_agent = $_SERVER['HTTP_USER_AGENT']; ++ $user_agent = htmlentities($_SERVER['HTTP_USER_AGENT']); + $__error_title = 'Your browser does not suit the requirements for this application'; + $__error_text = <<<EOF + <i>Supported browsers:</i><br /> |