Add a patch based on r1041 from the repository of Contao to fix a potential XSS vulnerability. Bump PKGREVISION.
diff -r1.2 -r1.3 pkgsrc/www/typolight28/DESCR
(taca)
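--- a/pkgsrc/www/typolight28/DESCR
+++ b/pkgsrc/www/typolight28/DESCR
@@ -22,16 +22,13 @@ contemporary websites without being a pr
 * Powerful site structure
 * Fine-grained permission system
 * Flexible form generator
 * Full-text search engine
 * Built-in CSS framework
 * Built-in file manager
 * Built-in news/blog module
 * Built-in calendar module
 * Built-in newsletter module
 * Wide choice of additional modules
 * Accessible front and back end
 * Easy live update
 * Ajax and PHP 5
-
-Note: Live update feature would work with typolight-liveupdate PKG_OPTION
-enabled, but it might be conflict with regular pkgsrc maintainous.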
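--- a/pkgsrc/www/typolight28/Makefile
+++ b/pkgsrc/www/typolight28/Makefile
@@ -1,19 +1,19 @@
-# $NetBSD: Makefile,v 1.14 2011/09/16 05:46:27 obache Exp $
+# $NetBSD: Makefile,v 1.15 2011/10/07 12:29:41 taca Exp $
 #
 
 DISTNAME= typolight-${TL_VERSION}
 PKGNAME= typolight${TL_VER}-${TL_PKGVER}
-PKGREVISION= 4
+PKGREVISION= 5
 CATEGORIES= www
 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=typolight/}
 
 MAINTAINER= taca@NetBSD.org
 HOMEPAGE= http://www.contao.org/
 COMMENT= Powerful web content management system (CMS)
 LICENSE= gnu-lgpl-v3
 
 DEPENDS+= ${PHP_PKG_PREFIX}-gd>=5.2.0:../../graphics/php-gd
 DEPENDS+= ${PHP_PKG_PREFIX}-mbstring>=5.2.0:../../converters/php-mbstring
 DEPENDS+= ${PHP_PKG_PREFIX}-mysql>=5.2.0:../../databases/php-mysql
 DEPENDS+= ${PHP_PKG_PREFIX}-mcrypt>=5.2.0:../../security/php-mcrypt
 DEPENDS+= ${PHP_PKG_PREFIX}-soap>=5.2.0:../../net/php-soap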
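--- a/pkgsrc/www/typolight28/distinfo
+++ b/pkgsrc/www/typolight28/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.10 2011/01/06 14:23:41 taca Exp $
+$NetBSD: distinfo,v 1.11 2011/10/07 12:29:41 taca Exp $
 
 SHA1 (typolight-2.8.4.tar.gz) = d18d684a06f5dd29ffc6a28d08143feb613cd47b
 RMD160 (typolight-2.8.4.tar.gz) = ad82d00e3b7ec4e604640779fec841fcfc65f75c
 Size (typolight-2.8.4.tar.gz) = 4097946 bytes
-SHA1 (patch-ad) = 207ce919bb6fa7148108f8bd075d3a7d7ad1eeb9
+SHA1 (patch-ad) = ee5524db7764c9c5ede3affcb99ed0f8864d522e
 SHA1 (patch-ae) = eed6db905809b3782acb8324799de6bc8d4e855b
 SHA1 (patch-af) = 868309cff4ba1855a96745c578737878f8d118d5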
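--- a/pkgsrc/www/typolight28/patches/patch-ad
+++ b/pkgsrc/www/typolight28/patches/patch-ad
@@ -1,20 +1,49 @@
-$NetBSD: patch-ad,v 1.1 2010/07/28 16:24:20 taca Exp $
+$NetBSD: patch-ad,v 1.2 2011/10/07 12:29:42 taca Exp $
 
-Fix for CSS from repository, r507.
+* Fix for CSS from repository, r507.
+* Fix potential XSS vulnerability, r1041.
 
 --- system/modules/frontend/Frontend.php.orig 2010-04-19 10:22:31.000000000 +0000
 +++ system/modules/frontend/Frontend.php
-@@ -166,8 +166,16 @@ abstract class Frontend extends Controll
+@@ -78,7 +78,7 @@ abstract class Frontend extends Controll
+ return is_numeric($this->Input->get('id')) ? $this->Input->get('id') : null;
+ }
+ 
+- if (!strlen($this->Environment->request))
++ if ($this->Environment->request == '')
+ {
+ return null;
+ }
+@@ -104,13 +104,15 @@ abstract class Frontend extends Controll
+ }
+ }
+ 
+- // Add fragments to $_GET array
++ // DO NOT USE urldecode() HERE (XSS vulnerability)!
++
++ // Add the fragments to the $_GET array
+ for ($i=1; $i<count($arrFragments); $i+=2)
+ {
+- $_GET[urldecode($arrFragments[$i])] = urldecode($arrFragments[$i+1]);
++ $_GET[$arrFragments[$i]] = $arrFragments[$i+1];
+ }
+ 
+- return strlen($arrFragments[0]) ? urldecode($arrFragments[0]) : null;
++ return ($arrFragments[0] != '') ? $arrFragments[0] : null;
+ }
+ 
+ 
+@@ -166,8 +168,16 @@ abstract class Frontend extends Controll
  protected function addToUrl($strRequest, $blnIgnoreParams=false)
  {
  $arrGet = $blnIgnoreParams ? array() : $_GET;
 +
 + // Clean the $_GET values (thanks to thyon)
 + foreach (array_keys($arrGet) as $key)
 + {
 + $arrGet[$key] = $this->Input->get($key, true);
 + }
 +
  $arrFragments = preg_split('/&(amp;)?/i', $strRequest);
  
 + // Merge the new request string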
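Review bot: The new comment `// DO NOT USE urldecode() HERE (XSS vulnerability)!` in the `@@ -104,13 +104,15 @@` hunk states the rule without the reason, which is exactly what a later maintainer needs before "fixing" it back; extend it to something like `// The request path is already decoded once by the web server; a second urldecode() would turn still-encoded input into live markup that escaping downstream assumed was inert` (the precise mechanism is not visible in this patch, confirm against Contao r1041). The cleaning loop added to addToUrl() re-reads each value through `$this->Input->get($key, true)` but leaves the keys of `$arrGet` as the raw fragment strings copied into `$_GET` above, so whether a crafted key is neutralised depends on how the URL is assembled in the part of addToUrl() that ends outside this hunk. Dropping urldecode() also changes what is stored for an even-length fragment list: `$arrFragments[$i+1]` is then an undefined index and `$_GET` receives null where urldecode(null) previously yielded '', which flips isset() on that key unless the lines above the hunk already reject such requests. The replacement tests `$this->Environment->request == ''` and `$arrFragments[0] != ''` use loose comparison; `=== ''` and `!== ''` state the intent without relying on type juggling.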