projects / gentoo.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8fe134e)
Fix bug #136830.
authorLuca Longinotti <chtekk@gentoo.org>
Thu, 15 Jun 2006 18:41:52 +0000 (18:41 +0000)
committerLuca Longinotti <chtekk@gentoo.org>
Thu, 15 Jun 2006 18:41:52 +0000 (18:41 +0000)
Package-Manager: portage-2.1

www-apps/horde/ChangeLog patch | blob | history
www-apps/horde/Manifest patch | blob | history
www-apps/horde/files/digest-horde-2.2.9 patch | blob | history
www-apps/horde/files/digest-horde-3.0.9 patch | blob | history
www-apps/horde/files/digest-horde-3.1 patch | blob | history
www-apps/horde/files/digest-horde-3.1.1-r1 [new file with mode: 0644] patch | blob
www-apps/horde/files/horde-3.1.1-xss.diff [new file with mode: 0644] patch | blob
www-apps/horde/horde-3.1.1-r1.ebuild [new file with mode: 0644] patch | blob

diff --git a/www-apps/horde/ChangeLog b/www-apps/horde/ChangeLog
index 1c5c3e01603bb339d843ba5ad67af2f6789a12bc..f3f518c8492c00a7762741d3178d49ca1238c229 100644 (file)
--- a/www-apps/horde/ChangeLog
+++ b/www-apps/horde/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for www-apps/horde
 # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horde/ChangeLog,v 1.33 2006/03/31 20:01:55 yoswink Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horde/ChangeLog,v 1.34 2006/06/15 18:41:52 chtekk Exp $
+
+*horde-3.1.1-r1 (15 Jun 2006)
+
+  15 Jun 2006; Luca Longinotti <chtekk@gentoo.org>
+  +files/horde-3.1.1-xss.diff, +horde-3.1.1-r1.ebuild:
+  Fix bug #136830.
 
   31 Mar 2006; Jose Luis Rivero <yoswink@gentoo.org> horde-3.1.1.ebuild:
   Stable on alpha wrt security bug #127889
diff --git a/www-apps/horde/Manifest b/www-apps/horde/Manifest
index 49369f0e16663a04f256e99bdc08b86e4bf839a3..2afa3ba4bc91900a69b79cbeef187ae86ca7f261 100644 (file)
--- a/www-apps/horde/Manifest
+++ b/www-apps/horde/Manifest
@@ -1,10 +1,51 @@
-MD5 9e5f457fc68fb30f9109cd09d77be756 ChangeLog 6206
-MD5 5d24743096fc0e5fc9f7f722dd3a8a02 files/digest-horde-2.2.9 63
-MD5 d063dd3682701eef77f9e6aac34d08ea files/digest-horde-3.0.9 64
-MD5 d246d71fc88cd3c7ae5b565a47022a8e files/digest-horde-3.1 232
-MD5 581a2d776ccb73879f6947e8041c8eed files/digest-horde-3.1.1 238
+AUX horde-3.1.1-xss.diff 1973 RMD160 cb7af0db0f00c21ca442fad158f424c4b44e1620 SHA1 8448e723b7d1b9795b3005e8a8b6cda6aae9358a SHA256 79ab4162daea72159e7560056c8185ad3cbe47d043bd445c42714260f79ca560
+MD5 06ea158ce79a39ed9b2b96f87f774d6a files/horde-3.1.1-xss.diff 1973
+RMD160 cb7af0db0f00c21ca442fad158f424c4b44e1620 files/horde-3.1.1-xss.diff 1973
+SHA256 79ab4162daea72159e7560056c8185ad3cbe47d043bd445c42714260f79ca560 files/horde-3.1.1-xss.diff 1973
+DIST horde-2.2.9.tar.gz 683026 RMD160 cfd4acad3afe5fd897d6b53c433bb91782fde1f9 SHA1 48aed8aa02432622135e95184def93584301d209 SHA256 a14c1e115d562d9f2b9464ecb2df8e304fa461601f87c5c00b260a923bcf8c64
+DIST horde-3.0.9.tar.gz 3738315 RMD160 e62778f0de7dd3c77f15b0ce760cb6f146ab7027 SHA1 ce12e4d6921ab43d1d365a07fbeef24f81df154c SHA256 6fac31eb9afdd87ebe1ea7ff3c27ba7fc8d46451a18e00cb43830df980913cd1
+DIST horde-3.1.1.tar.gz 5068434 RMD160 bb98dbc34caa3410382dcf34afba20e257c62a8d SHA1 8735a11bc42f5aae7b70a555763d239614e4aca5 SHA256 5edb80766cb71832b1c5435b5093392164dbab46bdf5a496050620249d66e06f
+DIST horde-3.1.tar.gz 4880320 RMD160 124ced625af74e4bc36f0986e66bb4a2e6f70dcb SHA1 4204b43c62101426b77681d5a4cc3d454685fba1 SHA256 eef3018d0bf9781d8428a554b4203aa10c4ff3f550d600518f2555b2cd91812c
+EBUILD horde-2.2.9.ebuild 815 RMD160 582673d050b7ae129cec6890f1a98b3371e4e1d7 SHA1 08b3c765c016e77027564d77fbc60b70a35eac33 SHA256 1cc9e7d25ccca8a70fc3e9ac2dc4e223be326aa1356c006be1a535b2e9896d29
 MD5 a7a4cc04717168625c1fc8fe64b15f8d horde-2.2.9.ebuild 815
+RMD160 582673d050b7ae129cec6890f1a98b3371e4e1d7 horde-2.2.9.ebuild 815
+SHA256 1cc9e7d25ccca8a70fc3e9ac2dc4e223be326aa1356c006be1a535b2e9896d29 horde-2.2.9.ebuild 815
+EBUILD horde-3.0.9.ebuild 867 RMD160 33f7fa051475e6d4fa3ce2db13718e5356f35115 SHA1 10c15735f8cb263bc5c6e4214425f3a6ade5715c SHA256 e968a1a39ae1c8213028002aedda16d5cc09168fe1d0daa99140c1b4921db083
 MD5 52334142f91e41aa0b6de7a4d1692d5a horde-3.0.9.ebuild 867
+RMD160 33f7fa051475e6d4fa3ce2db13718e5356f35115 horde-3.0.9.ebuild 867
+SHA256 e968a1a39ae1c8213028002aedda16d5cc09168fe1d0daa99140c1b4921db083 horde-3.0.9.ebuild 867
+EBUILD horde-3.1.1-r1.ebuild 938 RMD160 6cc1aa2df198d32de752dfb54d375fc2bdacf606 SHA1 90695b1803232b29a17b681ca17fdf31083939cb SHA256 07b623b23a5c40ff8dd4f6d5827bf551456c8cf9678d702faaffe227663eaac2
+MD5 88514fda6e183658a2f262c6b1c5d344 horde-3.1.1-r1.ebuild 938
+RMD160 6cc1aa2df198d32de752dfb54d375fc2bdacf606 horde-3.1.1-r1.ebuild 938
+SHA256 07b623b23a5c40ff8dd4f6d5827bf551456c8cf9678d702faaffe227663eaac2 horde-3.1.1-r1.ebuild 938
+EBUILD horde-3.1.1.ebuild 858 RMD160 6b11d4409772c5f190b396500f718802c30758e1 SHA1 14c0e6d6644d08f7da891346cac7ba2cd75022f3 SHA256 4720ee655a7fd157886c9a33f02e5608e52b5de1335c84716b14017bb672e5a9
 MD5 5c6ddbed7f5dbdbd8e3381f3708eec7f horde-3.1.1.ebuild 858
+RMD160 6b11d4409772c5f190b396500f718802c30758e1 horde-3.1.1.ebuild 858
+SHA256 4720ee655a7fd157886c9a33f02e5608e52b5de1335c84716b14017bb672e5a9 horde-3.1.1.ebuild 858
+EBUILD horde-3.1.ebuild 859 RMD160 f81de0bdccf92b22869af243288b6f29f53eed61 SHA1 f5edc25e15f4aedb5e2a4e0a5a58c3198de5958e SHA256 251f5e1a165a2f69ef39f408d0489016950e99aed7dbe9cd9b45a4900b76ec7b
 MD5 0135c47ca162451df6a6d58058363f91 horde-3.1.ebuild 859
+RMD160 f81de0bdccf92b22869af243288b6f29f53eed61 horde-3.1.ebuild 859
+SHA256 251f5e1a165a2f69ef39f408d0489016950e99aed7dbe9cd9b45a4900b76ec7b horde-3.1.ebuild 859
+MISC ChangeLog 6362 RMD160 7932ab37fc9add0cf391ae7271a3932807d8127d SHA1 8ff9a83301cc95fceaef67ef6c7415f728a00a00 SHA256 1b8316b98b63a6a2827d3ccdc8d0dda2268295d0da9dbb3a8ad89e60c2e93c11
+MD5 a23c599e394afa631a04e7000a05cbac ChangeLog 6362
+RMD160 7932ab37fc9add0cf391ae7271a3932807d8127d ChangeLog 6362
+SHA256 1b8316b98b63a6a2827d3ccdc8d0dda2268295d0da9dbb3a8ad89e60c2e93c11 ChangeLog 6362
+MISC metadata.xml 475 RMD160 c895dadf7bb95308f7772e84890e967062f8532b SHA1 de84e86487a9c80193460baca6f7966215031eb6 SHA256 97f5a98a341d383ec20d1e5551e6cb9c638fcb7cef982f2f13c907e0adcdf416
 MD5 cb784fc68f8ebab5c112b7067200fa7f metadata.xml 475
+RMD160 c895dadf7bb95308f7772e84890e967062f8532b metadata.xml 475
+SHA256 97f5a98a341d383ec20d1e5551e6cb9c638fcb7cef982f2f13c907e0adcdf416 metadata.xml 475
+MD5 cbf7b459f632eef06f6c31a6a9a1a5e5 files/digest-horde-2.2.9 235
+RMD160 3200ed55776acc8c2b29f26f7b2d67fdea37f72f files/digest-horde-2.2.9 235
+SHA256 7bd1963a2ac1732cea77191b3672e5657edf545a63caee5009d59654846a7a1a files/digest-horde-2.2.9 235
+MD5 dbb1c3c6b2418c72b62d1449bcc49075 files/digest-horde-3.0.9 238
+RMD160 cb653e943aed691a5d671666a9684134f3c1949a files/digest-horde-3.0.9 238
+SHA256 2bb95aed1207f467e8d5700156842577fe3ddbb82b49cf2242078a76d38659f6 files/digest-horde-3.0.9 238
+MD5 1b1f93d57f364f65a27d9c4365ab7c72 files/digest-horde-3.1 232
+RMD160 16f95b7150c6fd839d0b360cd34e5d74d87b6109 files/digest-horde-3.1 232
+SHA256 ba650a84df3fa0ae7a1d85dbea42b00a4f269fc2f83789ce719d889501971e48 files/digest-horde-3.1 232
+MD5 581a2d776ccb73879f6947e8041c8eed files/digest-horde-3.1.1 238
+RMD160 044cf54bd95a4ea9bd357ab99e8b6863b905c63e files/digest-horde-3.1.1 238
+SHA256 fb9e9364ffda87f1724d299e9a70679ac553ae9513f6889ab05ed8a6cbdb5870 files/digest-horde-3.1.1 238
+MD5 581a2d776ccb73879f6947e8041c8eed files/digest-horde-3.1.1-r1 238
+RMD160 044cf54bd95a4ea9bd357ab99e8b6863b905c63e files/digest-horde-3.1.1-r1 238
+SHA256 fb9e9364ffda87f1724d299e9a70679ac553ae9513f6889ab05ed8a6cbdb5870 files/digest-horde-3.1.1-r1 238
diff --git a/www-apps/horde/files/digest-horde-2.2.9 b/www-apps/horde/files/digest-horde-2.2.9
index ab87461b9fb17b703b8f7de274509e27bf6039f6..e3da094e9c222a887b0344ce504d601ed03009f3 100644 (file)
--- a/www-apps/horde/files/digest-horde-2.2.9
+++ b/www-apps/horde/files/digest-horde-2.2.9
@@ -1 +1,3 @@
 MD5 0d1a8a52ee69307fe2d687edd0b1c3c8 horde-2.2.9.tar.gz 683026
+RMD160 cfd4acad3afe5fd897d6b53c433bb91782fde1f9 horde-2.2.9.tar.gz 683026
+SHA256 a14c1e115d562d9f2b9464ecb2df8e304fa461601f87c5c00b260a923bcf8c64 horde-2.2.9.tar.gz 683026
diff --git a/www-apps/horde/files/digest-horde-3.0.9 b/www-apps/horde/files/digest-horde-3.0.9
index 8c0e3b246b3eba999bc17afb5f465c1dfc4bf468..8e0751ecaf70941a49c90f4b08f8c68c73bb03aa 100644 (file)
--- a/www-apps/horde/files/digest-horde-3.0.9
+++ b/www-apps/horde/files/digest-horde-3.0.9
@@ -1 +1,3 @@
 MD5 00bb74eb4b208392d2ae065e4bc73531 horde-3.0.9.tar.gz 3738315
+RMD160 e62778f0de7dd3c77f15b0ce760cb6f146ab7027 horde-3.0.9.tar.gz 3738315
+SHA256 6fac31eb9afdd87ebe1ea7ff3c27ba7fc8d46451a18e00cb43830df980913cd1 horde-3.0.9.tar.gz 3738315
diff --git a/www-apps/horde/files/digest-horde-3.1 b/www-apps/horde/files/digest-horde-3.1
index 1e73f967dd6fb60006c2baf336c81eea3a80a648..d11496a6abb8e094fe62723f6f7c843d9395d02a 100644 (file)
--- a/www-apps/horde/files/digest-horde-3.1
+++ b/www-apps/horde/files/digest-horde-3.1
@@ -1,3 +1,3 @@
+MD5 4761fc976e72ece7e8257cfb5c5f86b9 horde-3.1.tar.gz 4880320
 RMD160 124ced625af74e4bc36f0986e66bb4a2e6f70dcb horde-3.1.tar.gz 4880320
 SHA256 eef3018d0bf9781d8428a554b4203aa10c4ff3f550d600518f2555b2cd91812c horde-3.1.tar.gz 4880320
-MD5 4761fc976e72ece7e8257cfb5c5f86b9 horde-3.1.tar.gz 4880320
diff --git a/www-apps/horde/files/digest-horde-3.1.1-r1 b/www-apps/horde/files/digest-horde-3.1.1-r1
new file mode 100644 (file)
index 0000000..6d7c346
--- /dev/null
+++ b/www-apps/horde/files/digest-horde-3.1.1-r1
@@ -0,0 +1,3 @@
+MD5 ef5001144b80422b71454d285056e90a horde-3.1.1.tar.gz 5068434
+RMD160 bb98dbc34caa3410382dcf34afba20e257c62a8d horde-3.1.1.tar.gz 5068434
+SHA256 5edb80766cb71832b1c5435b5093392164dbab46bdf5a496050620249d66e06f horde-3.1.1.tar.gz 5068434
diff --git a/www-apps/horde/files/horde-3.1.1-xss.diff b/www-apps/horde/files/horde-3.1.1-xss.diff
new file mode 100644 (file)
index 0000000..00b36f0
--- /dev/null
+++ b/www-apps/horde/files/horde-3.1.1-xss.diff
@@ -0,0 +1,49 @@
+--- horde3-3.1.1.orig/templates/problem/problem.inc
++++ horde3-3.1.1/templates/problem/problem.inc
+@@ -31,17 +31,17 @@
+ <tr>
+     <td class="light rightAlign"><?php echo _("Your Name") ?></td>
+-    <td><input type="text" tabindex="1" name="name" value="<?php echo $name ?>" size="70" /></td>
++    <td><input type="text" tabindex="1" name="name" value="<?php echo htmlspecialchars($name) ?>" size="70" /></td>
+ </tr>
+ <tr>
+     <td class="light rightAlign"><?php echo _("Your Email Address") ?></td>
+-    <td><input type="text" tabindex="2" name="email" value="<?php echo $email ?>" size="70" /></td>
++    <td><input type="text" tabindex="2" name="email" value="<?php echo htmlspecialchars($email) ?>" size="70" /></td>
+ </tr>
+ <tr>
+     <td class="light rightAlign"><?php echo _("Short Summary") ?></td>
+-    <td><input type="text" tabindex="3" name="subject" value="<?php echo $subject ?>" size="70" /></td>
++    <td><input type="text" tabindex="3" name="subject" value="<?php echo htmlspecialchars($subject) ?>" size="70" /></td>
+ </tr>
+ <tr>
+@@ -49,7 +49,7 @@
+ </tr>
+ <tr>
+     <td></td>
+-    <td><textarea tabindex="4" name="message" rows="20" cols="80" wrap="hard"><?php echo $message ?></textarea></td>
++    <td><textarea tabindex="4" name="message" rows="20" cols="80" wrap="hard"><?php echo htmlspecialchars($message) ?></textarea></td>
+ </tr>
+ <tr>
+--- horde3-3.1.1.orig/test.php
++++ horde3-3.1.1/test.php
+@@ -250,12 +250,12 @@
+         exit;
+     case 'phpinfo':
+-        echo '<a href="' . $url . '?mode=test">&lt;&lt; Back to test.php</a>';
++        echo '<a href="' . htmlspecialchars($url) . '?mode=test">&lt;&lt; Back to test.php</a>';
+         phpinfo();
+         exit;
+     case 'filetest':
+-        echo '<a href="' . $url . '?mode=test">&lt;&lt; Back to test.php</a>';
++        echo '<a href="' . htmlspecialchars($url) . '?mode=test">&lt;&lt; Back to test.php</a>';
+         ?>
+         <html>
+         <body bgcolor="white" text="black">
diff --git a/www-apps/horde/horde-3.1.1-r1.ebuild b/www-apps/horde/horde-3.1.1-r1.ebuild
new file mode 100644 (file)
index 0000000..d7d0e71
--- /dev/null
+++ b/www-apps/horde/horde-3.1.1-r1.ebuild
@@ -0,0 +1,35 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horde/horde-3.1.1-r1.ebuild,v 1.1 2006/06/15 18:41:52 chtekk Exp $
+
+HORDE_PHP_FEATURES="session xml"
+
+# Patch to fix bug #136830
+EHORDE_PATCHES="${FILESDIR}/${P}-xss.diff"
+
+inherit horde
+
+DESCRIPTION="Horde Application Framework"
+HOMEPAGE="http://www.horde.org/"
+
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~sparc ~x86"
+IUSE="mysql"
+
+DEPEND=""
+RDEPEND="virtual/php
+       >=sys-devel/gettext-0.10.40
+       >=dev-libs/libxml2-2.4.21
+       >=www-apps/horde-pear-1.3
+       dev-php/PEAR-Log
+       dev-php/PEAR-Mail_Mime
+       mysql? ( dev-php/PEAR-DB )"
+
+pkg_postinst() {
+       horde_pkg_postinst
+       echo
+       einfo "Horde requires PHP to have:"
+       einfo "    ==> 'short_open_tag enabled = On'"
+       einfo "    ==> 'magic_quotes_runtime set = Off'"
+       einfo "    ==> 'file_uploads enabled = On'"
+       einfo "Please edit /etc/php/apache2-php4/php.ini"
+}
Unnamed repository; edit this file 'description' to name the repository.