author | taca <taca@pkgsrc.org> | 2009-12-20 04:21:05 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2009-12-20 04:21:05 +0000 |
commit | c029324c48eec829c5cc73af626e3e7e0c867916 (patch) | |
tree | bfb46215512906a76500d7bb4de2540a834c3624 /www | |
parent | b34818b4b5ad6bb981154250cec851e2dbe86dea (diff) | |
download | pkgsrc-c029324c48eec829c5cc73af626e3e7e0c867916.tar.gz |
Add security fix patches, referring to http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html.
Bump PKGREVISION.
Diffstat (limited to 'www')
-rw-r--r-- | www/typolight26/Makefile | 4 | ||||
-rw-r--r-- | www/typolight26/distinfo | 4 | ||||
-rw-r--r-- | www/typolight26/patches/patch-ad | 52 | ||||
-rw-r--r-- | www/typolight26/patches/patch-ae | 52 |
4 files changed, 109 insertions, 3 deletions
diff --git a/www/typolight26/Makefile b/www/typolight26/Makefile
index e6ded14345b..e7a15e74c1b 100644
--- a/www/typolight26/Makefile
+++ b/www/typolight26/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.4 2009/11/29 06:46:21 taca Exp $
+# $NetBSD: Makefile,v 1.5 2009/12/20 04:21:05 taca Exp $
 #
 DISTNAME= typolight-${TL_VERSION}
 PKGNAME= typolight${TL_VER}-${TL_PKGVER}
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= www
 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=typolight/}
diff --git a/www/typolight26/distinfo b/www/typolight26/distinfo
index 2fe27650a88..187266cbcc6 100644
--- a/www/typolight26/distinfo
+++ b/www/typolight26/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.2 2009/04/30 13:12:40 taca Exp $
+$NetBSD: distinfo,v 1.3 2009/12/20 04:21:05 taca Exp $
 SHA1 (typolight-2.6.7.tar.gz) = d360d5a974c3663488576f856302710c0529b500
 RMD160 (typolight-2.6.7.tar.gz) = b15e3c1c910f3fc9bf3797ffd0dfd6dfc3dd7d5a
@@ -6,3 +6,5 @@ Size (typolight-2.6.7.tar.gz) = 2906128 bytes
 SHA1 (patch-aa) = 254a1fef4e0baff7c5f10c25ceb9d1501f315684
 SHA1 (patch-ab) = a005f8650564eb031def1f94156dcdc72799a758
 SHA1 (patch-ac) = 035f7703721774b1cc9eaf99ffdbc6aa60489076
+SHA1 (patch-ad) = 1302dfb77f76f3d407f123b3e1f1d9f8dfe6e740
+SHA1 (patch-ae) = 7498d750dc902294163efd32cae3ac20feb08c08
diff --git a/www/typolight26/patches/patch-ad b/www/typolight26/patches/patch-ad
new file mode 100644
index 00000000000..dccb9b18cfb
--- /dev/null
+++ b/www/typolight26/patches/patch-ad
@@ -0,0 +1,52 @@
+$NetBSD: patch-ad,v 1.1 2009/12/20 04:21:05 taca Exp $
+
+* Security fix:
+ http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
+
+--- typolight/ftp.php.orig 2008-12-13 15:27:05.000000000 +0000
++++ typolight/ftp.php
+@@ -88,6 +88,9 @@ class FtpCheck extends Controller
+ */
+ if ($this->Input->post('FORM_SUBMIT') == 'tl_login')
+ {
++ $_SESSION['TL_INSTALL_AUTH'] = '';
++ $_SESSION['TL_INSTALL_EXPIRE'] = 0;
++
+ $password = sha1($this->Input->post('password', true));
+
+ if (strlen($password) && $password != 'da39a3ee5e6b4b0d3255bfef95601890afd80709')
+@@ -95,7 +98,10 @@ class FtpCheck extends Controller
+ // Set cookie
+ if ($password == $GLOBALS['TL_CONFIG']['installPassword'])
+ {
+- $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
++ $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
++ $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
++
++ $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
+ $this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0);
+
+ $this->reload();
+@@ -109,14 +115,20 @@ class FtpCheck extends Controller
+ }
+
+ // Check cookie
+- if (!$this->Input->cookie('TL_INSTALL_AUTH'))
++ if (!$this->Input->cookie('TL_INSTALL_AUTH') || $_SESSION['TL_INSTALL_AUTH'] == '' || $this->Input->cookie('TL_INSTALL_AUTH') != $_SESSION['TL_INSTALL_AUTH'] || $_SESSION['TL_INSTALL_EXPIRE'] < time())
+ {
+ $this->Template->login = true;
+ $this->outputAndExit();
+ }
+
+ // Renew cookie
+- $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
++ else
++ {
++ $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
++ $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
++
++ $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
++ }
+
+
+ /**
diff --git a/www/typolight26/patches/patch-ae b/www/typolight26/patches/patch-ae
new file mode 100644
index 00000000000..8ecb1364ccd
--- /dev/null
+++ b/www/typolight26/patches/patch-ae
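Review bot: The rewritten cookie check (third inner hunk of patch-ad, under `// Check cookie`) compares the cookie with the session token using loose `!=`, and PHP compares two numeric-looking strings as numbers, so distinct values can be treated as equal; a strict test, `$this->Input->cookie('TL_INSTALL_AUTH') !== $_SESSION['TL_INSTALL_AUTH']`, removes that case. The same condition reads `$_SESSION['TL_INSTALL_AUTH']` and `$_SESSION['TL_INSTALL_EXPIRE']` without testing that they exist, which would raise an undefined-index notice when a cookie is presented on a session that has not gone through the login branch; `empty($_SESSION['TL_INSTALL_AUTH'])` covers both the unset and the empty case. The token is derived from `uniqid('', true)`, the client IP and `session_id()`, none of which is a cryptographic random source, so a comment such as `// token is not random on its own; it is only as secret as the session id` would document what the check actually relies on. patch-ae makes the identical change to install.php and the same points apply there; the enclosing method begins and ends outside the inner hunks of both patches.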
@@ -0,0 +1,52 @@
+$NetBSD: patch-ae,v 1.1 2009/12/20 04:21:05 taca Exp $
+
+* Security fix:
+ http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
+
+--- typolight/install.php.orig 2008-12-13 15:27:05.000000000 +0000
++++ typolight/install.php
+@@ -113,6 +113,9 @@ class InstallTool extends Controller
+ */
+ if ($this->Input->post('FORM_SUBMIT') == 'tl_login')
+ {
++ $_SESSION['TL_INSTALL_AUTH'] = '';
++ $_SESSION['TL_INSTALL_EXPIRE'] = 0;
++
+ $password = sha1($this->Input->post('password', true));
+
+ if (strlen($password) && $password != 'da39a3ee5e6b4b0d3255bfef95601890afd80709')
+@@ -120,7 +123,10 @@ class InstallTool extends Controller
+ // Set cookie
+ if ($password == $GLOBALS['TL_CONFIG']['installPassword'])
+ {
+- $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
++ $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
++ $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
++
++ $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
+ $this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0);
+
+ $this->reload();
+@@ -134,14 +140,20 @@ class InstallTool extends Controller
+ }
+
+ // Check cookie
+- if (!$this->Input->cookie('TL_INSTALL_AUTH'))
++ if (!$this->Input->cookie('TL_INSTALL_AUTH') || $_SESSION['TL_INSTALL_AUTH'] == '' || $this->Input->cookie('TL_INSTALL_AUTH') != $_SESSION['TL_INSTALL_AUTH'] || $_SESSION['TL_INSTALL_EXPIRE'] < time())
+ {
+ $this->Template->login = true;
+ $this->outputAndExit();
+ }
+
+ // Renew cookie
+- $this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
++ else
++ {
++ $_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
++ $_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
++
++ $this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
++ }
+
+
+ /** |