summaryrefslogtreecommitdiff
path: root/www/typolight28
diff options
context:
space:
mode:
authortaca <taca>2010-07-28 16:24:20 +0000
committertaca <taca>2010-07-28 16:24:20 +0000
commitbd94a1c02cf9832b9550150010cdddc5b4e16240 (patch)
tree79d0c10262aefa2d0a745a1dd91f530fee737c2d /www/typolight28
parentf8259542e8cac16f3d536138e65aa9bbb9e553fd (diff)
downloadpkgsrc-bd94a1c02cf9832b9550150010cdddc5b4e16240.tar.gz
Add a patch from Contao(TYPOlight) repository to fix possible
XSS problem on frontend module. Bump PKGREVISION.
Diffstat (limited to 'www/typolight28')
-rw-r--r--www/typolight28/Makefile3
-rw-r--r--www/typolight28/distinfo3
-rw-r--r--www/typolight28/patches/patch-ad23
3 files changed, 27 insertions, 2 deletions
diff --git a/www/typolight28/Makefile b/www/typolight28/Makefile
index 19d158057c5..dec94251fe4 100644
--- a/www/typolight28/Makefile
+++ b/www/typolight28/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.10 2010/07/03 04:00:09 taca Exp $
+# $NetBSD: Makefile,v 1.11 2010/07/28 16:24:20 taca Exp $
#
DISTNAME= typolight-${TL_VERSION}
PKGNAME= typolight${TL_VER}-${TL_PKGVER}
+PKGREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=typolight/}
diff --git a/www/typolight28/distinfo b/www/typolight28/distinfo
index c50ea318e13..9db47f75de3 100644
--- a/www/typolight28/distinfo
+++ b/www/typolight28/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.8 2010/07/03 04:00:09 taca Exp $
+$NetBSD: distinfo,v 1.9 2010/07/28 16:24:20 taca Exp $
SHA1 (typolight-2.8.4.tar.gz) = d18d684a06f5dd29ffc6a28d08143feb613cd47b
RMD160 (typolight-2.8.4.tar.gz) = ad82d00e3b7ec4e604640779fec841fcfc65f75c
Size (typolight-2.8.4.tar.gz) = 4097946 bytes
+SHA1 (patch-ad) = 207ce919bb6fa7148108f8bd075d3a7d7ad1eeb9
diff --git a/www/typolight28/patches/patch-ad b/www/typolight28/patches/patch-ad
new file mode 100644
index 00000000000..8391863b260
--- /dev/null
+++ b/www/typolight28/patches/patch-ad
@@ -0,0 +1,23 @@
+$NetBSD: patch-ad,v 1.1 2010/07/28 16:24:20 taca Exp $
+
+Fix for CSS from repository, r507.
+
+--- system/modules/frontend/Frontend.php.orig 2010-04-19 10:22:31.000000000 +0000
++++ system/modules/frontend/Frontend.php
+@@ -166,8 +166,16 @@ abstract class Frontend extends Controll
+ protected function addToUrl($strRequest, $blnIgnoreParams=false)
+ {
+ $arrGet = $blnIgnoreParams ? array() : $_GET;
++
++ // Clean the $_GET values (thanks to thyon)
++ foreach (array_keys($arrGet) as $key)
++ {
++ $arrGet[$key] = $this->Input->get($key, true);
++ }
++
+ $arrFragments = preg_split('/&(amp;)?/i', $strRequest);
+
++ // Merge the new request string
+ foreach ($arrFragments as $strFragment)
+ {
+ list($key, $value) = explode('=', $strFragment);