From: Christian Faulhammer Date: Sat, 6 Jan 2007 18:30:51 +0000 (+0000) Subject: added patch with warning when using web frontend because it may be a security risk... X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=ce1d20df1c853b5f0236ff32f70d239c5a1a7ce8;p=gentoo.git added patch with warning when using web frontend because it may be a security risk, see bug #158831 Package-Manager: portage-2.1.1-r2 --- diff --git a/dev-util/cscope/ChangeLog b/dev-util/cscope/ChangeLog index c99e33e83a3d..4eb26d6be898 100644 --- a/dev-util/cscope/ChangeLog +++ b/dev-util/cscope/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for dev-util/cscope # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-util/cscope/ChangeLog,v 1.80 2007/01/05 07:51:05 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-util/cscope/ChangeLog,v 1.81 2007/01/06 18:30:51 opfer Exp $ + +*cscope-15.6-r1 (06 Jan 2007) + + 06 Jan 2007; Christian Faulhammer + +files/cscope-158831-warning_webscope.patch, +cscope-15.6-r1.ebuild: + added patch with warning when using web frontend because it may be a + security risk, see bug #158831 05 Jan 2007; Diego Pettenò cscope-15.5-r6.ebuild, cscope-15.5.20060927.ebuild, cscope-15.5.20060927-r1.ebuild: diff --git a/dev-util/cscope/Manifest b/dev-util/cscope/Manifest index c1fceec7a062..d8c31b1c6046 100644 --- a/dev-util/cscope/Manifest +++ b/dev-util/cscope/Manifest @@ -29,6 +29,10 @@ AUX cscope-15.5-tempfile.patch 2817 RMD160 36ec0d8b8883a90a08733f7a60054bfe750ca MD5 6b8c74fb664bfaada3d95003f6c1134a files/cscope-15.5-tempfile.patch 2817 RMD160 36ec0d8b8883a90a08733f7a60054bfe750ca2f4 files/cscope-15.5-tempfile.patch 2817 SHA256 9653cdbb47d7fe2450f53e4661d8e6756082c84091e8d5b7c3ebbb8a71eb7c5e files/cscope-15.5-tempfile.patch 2817 +AUX cscope-158831-warning_webscope.patch 688 RMD160 7108af388d55f9ac48117b854d946b4df98bd263 SHA1 8a7f2de595263dea06c470e90dc0508079fa09dd SHA256 1b603d7ba88b6cf31b3ba27e78bc48cc51bd5d0e04fce6c2832390d862ccc177 +MD5 3a7fec9109069a5175722a21caf8da09 files/cscope-158831-warning_webscope.patch 688 +RMD160 7108af388d55f9ac48117b854d946b4df98bd263 files/cscope-158831-warning_webscope.patch 688 +SHA256 1b603d7ba88b6cf31b3ba27e78bc48cc51bd5d0e04fce6c2832390d862ccc177 files/cscope-158831-warning_webscope.patch 688 DIST cscope-15.5-debian-security.patch.gz 5765 RMD160 2e7f7c768c51927a036e4aa8f8903c4511c9e025 SHA1 d921c0cbad4e50be8499feb6a4ec20999b318765 SHA256 17d3aa74fb9af5b085fa13eab2b96b3ed9cdeeebbe181144a72535da3c615352 DIST cscope-15.5.20060927.tar.gz 274045 RMD160 13125578fe9e532220335de1b3d00d775f40447a SHA1 369c25c6112705dc522b2bab370ac8bd606cd01c SHA256 f8799f0a1f943837a5b0cbe07e6c7e2b2a017109508ae1b492e8eb470459f45a DIST cscope-15.5.tar.gz 243793 RMD160 30623f07043abc90d76b384c407abe5813a8a716 SHA1 2e8e66735254328399dc50757b270bcc3e9002d3 SHA256 be49cda0a9d33add89cabe0dfcef436a2863a7b0b833767875e0b7a6e8b4c4d1 @@ -45,14 +49,18 @@ EBUILD cscope-15.5.20060927.ebuild 1428 RMD160 28458ed75352f3535d513e44cdf50c1f4 MD5 574413ddcc1b1451a443b4f10cdb372c cscope-15.5.20060927.ebuild 1428 RMD160 28458ed75352f3535d513e44cdf50c1f464e4db1 cscope-15.5.20060927.ebuild 1428 SHA256 8083a2bcfbfb460ef8f5b971346e00b9707114231f7cfdeb8bd8d8c1658dcbc6 cscope-15.5.20060927.ebuild 1428 +EBUILD cscope-15.6-r1.ebuild 1474 RMD160 e0e262a1d1adde648ad336099d050d42f646b2f3 SHA1 79bd2322af6585ab1ffef018e72ec6b4adb70606 SHA256 702aa9d6039991345921e940f3da818c77b8b78892e7c68396c9da77be7134d6 +MD5 6d32235e077abea46153ac4dfc661d91 cscope-15.6-r1.ebuild 1474 +RMD160 e0e262a1d1adde648ad336099d050d42f646b2f3 cscope-15.6-r1.ebuild 1474 +SHA256 702aa9d6039991345921e940f3da818c77b8b78892e7c68396c9da77be7134d6 cscope-15.6-r1.ebuild 1474 EBUILD cscope-15.6.ebuild 1320 RMD160 3d1d04ba4c7e2aaff15811a67178e1583a3b38af SHA1 8b3cf118989a8f7e8d836a8dd9685c8d92572d06 SHA256 8c42f1f732fe9961189d94cd8bfa184f904e9c836e8d5115e51d574ca5910461 MD5 9453b05bae0570b785a88aef123328df cscope-15.6.ebuild 1320 RMD160 3d1d04ba4c7e2aaff15811a67178e1583a3b38af cscope-15.6.ebuild 1320 SHA256 8c42f1f732fe9961189d94cd8bfa184f904e9c836e8d5115e51d574ca5910461 cscope-15.6.ebuild 1320 -MISC ChangeLog 10492 RMD160 a824f1333ea31b1c34158e11afbf54b81bff919a SHA1 3b90be3155ea59a36a37078bb07b8c736c63d334 SHA256 f388595d8c462660ec445f3f585821760f786438e672739e17806b6b326fb898 -MD5 a42bd9bda8396806635cb6a5d4fe56db ChangeLog 10492 -RMD160 a824f1333ea31b1c34158e11afbf54b81bff919a ChangeLog 10492 -SHA256 f388595d8c462660ec445f3f585821760f786438e672739e17806b6b326fb898 ChangeLog 10492 +MISC ChangeLog 10750 RMD160 86276300f25c8955c43a9aeb4062a5fb1f2e8242 SHA1 b246c48588d557f9d61f93c2f612015294a4a176 SHA256 5c3f7c1c0866b985c6b6705e5ecfd6620a42330bd3113af9b321806039d2c65a +MD5 2999ab504c723858605bc8de33c8bfe0 ChangeLog 10750 +RMD160 86276300f25c8955c43a9aeb4062a5fb1f2e8242 ChangeLog 10750 +SHA256 5c3f7c1c0866b985c6b6705e5ecfd6620a42330bd3113af9b321806039d2c65a ChangeLog 10750 MISC metadata.xml 790 RMD160 7889067edaf88f6188a74c114c39160fcf827f71 SHA1 379cdedd442db840c7d9ea38c13cdb917ece90eb SHA256 c357e749a49ff673990a6cfdda92bd8589d6b5d2d8a4f45e8976d7bd7eb384d8 MD5 79094d1585cb050b3855fbfe440f22b9 metadata.xml 790 RMD160 7889067edaf88f6188a74c114c39160fcf827f71 metadata.xml 790 @@ -69,10 +77,13 @@ SHA256 87cd5cc6a7db39bc562324acdafd63b1de08727cdcdfdef4536690689cd12e25 files/di MD5 4bd8ebc34f7028967f258d210e5b5e77 files/digest-cscope-15.6 235 RMD160 d6ef0554329cdf3c560ab5cbfadae810a3e529b6 files/digest-cscope-15.6 235 SHA256 5dd44a7fae431e139f023aedb5fd9742666c433ddf5a9b006cb1b461ff1c1ecd files/digest-cscope-15.6 235 +MD5 4bd8ebc34f7028967f258d210e5b5e77 files/digest-cscope-15.6-r1 235 +RMD160 d6ef0554329cdf3c560ab5cbfadae810a3e529b6 files/digest-cscope-15.6-r1 235 +SHA256 5dd44a7fae431e139f023aedb5fd9742666c433ddf5a9b006cb1b461ff1c1ecd files/digest-cscope-15.6-r1 235 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.1 (GNU/Linux) +Version: GnuPG v1.4.6 (GNU/Linux) -iD8DBQFFngNwAiZjviIA2XgRAqNtAKCdpbhYJsrgCbpvQQhzcgyjH9VI5gCgsKVE -XiHiaye2tE/yALOG/VuzQB8= -=7vG8 +iD8DBQFFn+rSNQqtfCuFneMRAlfVAJ9mP7+EYbhBWC+zRpSoN4jz1cScjACfaV3n +lYZt/A0mc1IGq7m6Wj2OcvE= +=Vg6s -----END PGP SIGNATURE----- diff --git a/dev-util/cscope/cscope-15.6-r1.ebuild b/dev-util/cscope/cscope-15.6-r1.ebuild new file mode 100644 index 000000000000..7d077001b308 --- /dev/null +++ b/dev-util/cscope/cscope-15.6-r1.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-util/cscope/cscope-15.6-r1.ebuild,v 1.1 2007/01/06 18:30:51 opfer Exp $ + +inherit elisp-common eutils + +DESCRIPTION="Interactively examine a C program" +HOMEPAGE="http://cscope.sourceforge.net/" +SRC_URI="mirror://sourceforge/cscope/${P}.tar.gz" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" +IUSE="emacs" + +RDEPEND=">=sys-libs/ncurses-5.2" +DEPEND="${RDEPEND} + sys-devel/flex + sys-devel/bison + >=sys-devel/autoconf-2.60 + emacs? ( virtual/emacs )" + +SITEFILE=50xcscope-gentoo.el + +src_unpack() { + unpack ${A} + + # warn users of insecure web frontend, see bug #158831 + epatch "${FILESDIR}/${PN}-158831-warning_webscope.patch" +} + +src_compile() { + STRIP="no" + + econf || die + make clean || die + emake || die + + if use emacs ; then + cd "${S}"/contrib/xcscope || die + elisp-compile *.el || die + fi +} + +src_install() { + einstall || die + dodoc NEWS AUTHORS TODO ChangeLog INSTALL README* || die + + if use emacs ; then + cd ${S}/contrib/xcscope || die + elisp-install xcscope *.el *.elc || die + elisp-site-file-install ${FILESDIR}/${SITEFILE} xcscope || die + dobin cscope-indexer || die + fi + cp -r ${S}/contrib/webcscope ${D}/usr/share/doc/${PF}/ || die +} + +pkg_postinst() { + use emacs && elisp-site-regen +} + +pkg_postrm() { + use emacs && elisp-site-regen +} diff --git a/dev-util/cscope/files/cscope-158831-warning_webscope.patch b/dev-util/cscope/files/cscope-158831-warning_webscope.patch new file mode 100644 index 000000000000..5b2305283349 --- /dev/null +++ b/dev-util/cscope/files/cscope-158831-warning_webscope.patch @@ -0,0 +1,16 @@ +--- /tmp/cscope 2007-01-06 19:11:10.000000000 +0100 ++++ cscope 2007-01-06 19:15:16.000000000 +0100 +@@ -1,4 +1,4 @@ +-#!/bin/perl ++#!/usr/bin/perl + + # $Id: cscope-158831-warning_webscope.patch,v 1.1 2007/01/06 18:30:51 opfer Exp $ + # +@@ -375,6 +375,7 @@ + print &HtmlTop ("Web-CScope"); + + print <Be aware that this webfrontend is insecure and allows viewing ALL apache readable files, including your configuration!

+ Select an operation below and enter a symbol, function or text to search in + the database. The active version is $version. Input is case-sensitive, + so if your search returns no results, check the case and the symbol name.
diff --git a/dev-util/cscope/files/digest-cscope-15.6-r1 b/dev-util/cscope/files/digest-cscope-15.6-r1 new file mode 100644 index 000000000000..01c0b5205907 --- /dev/null +++ b/dev-util/cscope/files/digest-cscope-15.6-r1 @@ -0,0 +1,3 @@ +MD5 db87833f90d8267b1fc0c419cfc4d219 cscope-15.6.tar.gz 391223 +RMD160 b93238d3c91782d032e028abcfde3c2a7491a9c9 cscope-15.6.tar.gz 391223 +SHA256 6d6461ef402a1d6e42e1cd40e7524c4ed19e79eacef1d83ba4ed680f7bcac5ca cscope-15.6.tar.gz 391223