1 |
commit: 2b46d37e6fd1b061384d4fe6ad46ac54afd0a775 |
2 |
Author: Bernard Cafarelli <voyageur <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Feb 29 20:53:46 2020 +0000 |
4 |
Commit: Bernard Cafarelli <voyageur <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Feb 29 20:53:46 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2b46d37e |
7 |
|
8 |
www-apps/piwigo: backport fix for CVE-2020-8089 |
9 |
|
10 |
Drop old vulnerable version |
11 |
Also backport some PHP 7.4 compatibility fixes |
12 |
|
13 |
Bug: https://bugs.gentoo.org/709324 |
14 |
Package-Manager: Portage-2.3.89, Repoman-2.3.20 |
15 |
Signed-off-by: Bernard Cafarelli <voyageur <AT> gentoo.org> |
16 |
|
17 |
www-apps/piwigo/files/piwigo-2.10.1-css_vuln.patch | 94 ++++++++++++++++++++++ |
18 |
.../files/piwigo-2.10.1-php7.4_deprecation.patch | 56 +++++++++++++ |
19 |
.../piwigo/files/piwigo-2.10.1-php7.4_notice.patch | 41 ++++++++++ |
20 |
...iwigo-2.10.1.ebuild => piwigo-2.10.1-r1.ebuild} | 7 +- |
21 |
4 files changed, 197 insertions(+), 1 deletion(-) |
22 |
|
23 |
diff --git a/www-apps/piwigo/files/piwigo-2.10.1-css_vuln.patch b/www-apps/piwigo/files/piwigo-2.10.1-css_vuln.patch |
24 |
new file mode 100644 |
25 |
index 00000000000..101777393cf |
26 |
--- /dev/null |
27 |
+++ b/www-apps/piwigo/files/piwigo-2.10.1-css_vuln.patch |
28 |
@@ -0,0 +1,94 @@ |
29 |
+From 619849ff8b39f536e9ce40687c07589f8b262278 Mon Sep 17 00:00:00 2001 |
30 |
+From: plegall <plg@××××××.org> |
31 |
+Date: Fri, 7 Feb 2020 17:05:56 +0100 |
32 |
+Subject: [PATCH] fixes #1150 prevent HTML code in group name |
33 |
+ |
34 |
+It avoids any stored XSS between administrators and it's totally useless to have HTML code in the group name. |
35 |
+--- |
36 |
+ admin/group_list.php | 14 +++++++++++++- |
37 |
+ admin/themes/default/template/group_list.tpl | 8 +++----- |
38 |
+ 2 files changed, 16 insertions(+), 6 deletions(-) |
39 |
+ |
40 |
+diff --git a/admin/group_list.php b/admin/group_list.php |
41 |
+index ba9c89fef..7e7a3bd9f 100644 |
42 |
+--- a/admin/group_list.php |
43 |
++++ b/admin/group_list.php |
44 |
+@@ -45,6 +45,11 @@ |
45 |
+ { |
46 |
+ $page['errors'][] = l10n('The name of a group must not contain " or \' or be empty.'); |
47 |
+ } |
48 |
++ else |
49 |
++ { |
50 |
++ $_POST['groupname'] = strip_tags($_POST['groupname']); |
51 |
++ } |
52 |
++ |
53 |
+ if (count($page['errors']) == 0) |
54 |
+ { |
55 |
+ // is the group not already existing ? |
56 |
+@@ -107,7 +112,7 @@ |
57 |
+ $group_names = array_from_query($query, 'name'); |
58 |
+ foreach($groups as $group) |
59 |
+ { |
60 |
+- $_POST['rename_'.$group] = stripslashes($_POST['rename_'.$group]); |
61 |
++ $_POST['rename_'.$group] = strip_tags(stripslashes($_POST['rename_'.$group])); |
62 |
+ |
63 |
+ if (in_array($_POST['rename_'.$group], $group_names)) |
64 |
+ { |
65 |
+@@ -181,6 +186,8 @@ |
66 |
+ |
67 |
+ if ($action=="merge" and count($groups) > 1) |
68 |
+ { |
69 |
++ $_POST['merge'] = strip_tags($_POST['merge']); |
70 |
++ |
71 |
+ // is the group not already existing ? |
72 |
+ $query = ' |
73 |
+ SELECT COUNT(*) |
74 |
+@@ -268,6 +275,11 @@ |
75 |
+ { |
76 |
+ break; |
77 |
+ } |
78 |
++ else |
79 |
++ { |
80 |
++ $_POST['duplicate_'.$group.''] = strip_tags(stripslashes($_POST['duplicate_'.$group.''])); |
81 |
++ } |
82 |
++ |
83 |
+ // is the group not already existing ? |
84 |
+ $query = ' |
85 |
+ SELECT COUNT(*) |
86 |
+diff --git a/admin/themes/default/template/group_list.tpl b/admin/themes/default/template/group_list.tpl |
87 |
+index b14ff1725..6f0291f3c 100644 |
88 |
+--- a/admin/themes/default/template/group_list.tpl |
89 |
++++ b/admin/themes/default/template/group_list.tpl |
90 |
+@@ -128,7 +128,7 @@ $(document).ready(function() { |
91 |
+ {if not empty($groups)} |
92 |
+ {foreach from=$groups item=group} |
93 |
+ <p group_id="{$group.ID}" class="grp_action"> |
94 |
+- <input type="text" class="large" name="rename_{$group.ID}" value="{$group.NAME}" onfocus="this.value=(this.value=='{$group.NAME}') ? '' : this.value;" onblur="this.value=(this.value=='') ? '{$group.NAME}' : this.value;"> |
95 |
++ <input type="text" class="large" name="rename_{$group.ID}" value="{$group.NAME}"> |
96 |
+ </p> |
97 |
+ {/foreach} |
98 |
+ {/if} |
99 |
+@@ -137,9 +137,8 @@ $(document).ready(function() { |
100 |
+ <!-- merge --> |
101 |
+ <div id="action_merge" class="bulkAction"> |
102 |
+ <p id="two_to_select">{'Please select at least two groups'|@translate}</p> |
103 |
+- {assign var='mergeDefaultValue' value='Type here the name of the new group'|@translate} |
104 |
+ <p id="two_atleast"> |
105 |
+- <input type="text" class="large" name="merge" value="{$mergeDefaultValue}" onfocus="this.value=(this.value=='{$mergeDefaultValue}') ? '' : this.value;" onblur="this.value=(this.value=='') ? '{$mergeDefaultValue}' : this.value;"> |
106 |
++ <input type="text" class="large" name="merge" value="" placeholder="{'Type here the name of the new group'|translate}"> |
107 |
+ </p> |
108 |
+ </div> |
109 |
+ |
110 |
+@@ -150,11 +149,10 @@ $(document).ready(function() { |
111 |
+ |
112 |
+ <!-- duplicate --> |
113 |
+ <div id="action_duplicate" class="bulkAction"> |
114 |
+- {assign var='duplicateDefaultValue' value='Type here the name of the new group'|@translate} |
115 |
+ {if not empty($groups)} |
116 |
+ {foreach from=$groups item=group} |
117 |
+ <p group_id="{$group.ID}" class="grp_action"> |
118 |
+- {$group.NAME} > <input type="text" class="large" name="duplicate_{$group.ID}" value="{$duplicateDefaultValue}" onfocus="this.value=(this.value=='{$duplicateDefaultValue}') ? '' : this.value;" onblur="this.value=(this.value=='') ? '{$duplicateDefaultValue}' : this.value;"> |
119 |
++ {$group.NAME} > <input type="text" class="large" name="duplicate_{$group.ID}" value="" placeholder="{'Type here the name of the new group'|@translate}"> |
120 |
+ </p> |
121 |
+ {/foreach} |
122 |
+ {/if} |
123 |
|
124 |
diff --git a/www-apps/piwigo/files/piwigo-2.10.1-php7.4_deprecation.patch b/www-apps/piwigo/files/piwigo-2.10.1-php7.4_deprecation.patch |
125 |
new file mode 100644 |
126 |
index 00000000000..45d57279950 |
127 |
--- /dev/null |
128 |
+++ b/www-apps/piwigo/files/piwigo-2.10.1-php7.4_deprecation.patch |
129 |
@@ -0,0 +1,56 @@ |
130 |
+From 6f49712b57a4cbe362c0f3d3a1e67267d298fe8b Mon Sep 17 00:00:00 2001 |
131 |
+From: Tomas Krizek <tomas.krizek@×××××××.org> |
132 |
+Date: Tue, 3 Dec 2019 21:56:44 +0100 |
133 |
+Subject: [PATCH] include/functions_cookie: use proper brackets for offset |
134 |
+ access |
135 |
+ |
136 |
+Fixes #1134 |
137 |
+--- |
138 |
+ admin/site_update.php | 6 +++--- |
139 |
+ include/functions_cookie.inc.php | 2 +- |
140 |
+ 2 files changed, 4 insertions(+), 4 deletions(-) |
141 |
+ |
142 |
+diff --git a/admin/site_update.php b/admin/site_update.php |
143 |
+index 791a8d59e..e8fc78093 100644 |
144 |
+--- a/admin/site_update.php |
145 |
++++ b/admin/site_update.php |
146 |
+@@ -257,7 +257,7 @@ |
147 |
+ else |
148 |
+ { |
149 |
+ $insert['uppercats'] = $insert['id']; |
150 |
+- $insert{'rank'} = $next_rank['NULL']++; |
151 |
++ $insert['rank'] = $next_rank['NULL']++; |
152 |
+ $insert['global_rank'] = $insert['rank']; |
153 |
+ } |
154 |
+ |
155 |
+@@ -268,7 +268,7 @@ |
156 |
+ ); |
157 |
+ |
158 |
+ // add the new category to $db_categories and $db_fulldirs array |
159 |
+- $db_categories[$insert{'id'}] = |
160 |
++ $db_categories[$insert['id']] = |
161 |
+ array( |
162 |
+ 'id' => $insert['id'], |
163 |
+ 'parent' => (isset($parent)) ? $parent : Null, |
164 |
+@@ -278,7 +278,7 @@ |
165 |
+ 'global_rank' => $insert['global_rank'] |
166 |
+ ); |
167 |
+ $db_fulldirs[$fulldir] = $insert['id']; |
168 |
+- $next_rank[$insert{'id'}] = 1; |
169 |
++ $next_rank[$insert['id']] = 1; |
170 |
+ } |
171 |
+ else |
172 |
+ { |
173 |
+diff --git a/include/functions_cookie.inc.php b/include/functions_cookie.inc.php |
174 |
+index be9853d27..0eb159eb7 100644 |
175 |
+--- a/include/functions_cookie.inc.php |
176 |
++++ b/include/functions_cookie.inc.php |
177 |
+@@ -54,7 +54,7 @@ function cookie_path() |
178 |
+ $scr = substr($scr,0,strrpos( $scr,'/')); |
179 |
+ |
180 |
+ // add a trailing '/' if needed |
181 |
+- if ((strlen($scr) == 0) or ($scr{strlen($scr)-1} !== '/')) |
182 |
++ if ((strlen($scr) == 0) or ($scr[strlen($scr)-1] !== '/')) |
183 |
+ { |
184 |
+ $scr .= '/'; |
185 |
+ } |
186 |
|
187 |
diff --git a/www-apps/piwigo/files/piwigo-2.10.1-php7.4_notice.patch b/www-apps/piwigo/files/piwigo-2.10.1-php7.4_notice.patch |
188 |
new file mode 100644 |
189 |
index 00000000000..71b7c1a8e83 |
190 |
--- /dev/null |
191 |
+++ b/www-apps/piwigo/files/piwigo-2.10.1-php7.4_notice.patch |
192 |
@@ -0,0 +1,41 @@ |
193 |
+From f1d1b55d82e9f2d77c5b54422bced31f44370ce0 Mon Sep 17 00:00:00 2001 |
194 |
+From: Ben <bnj@××××.org> |
195 |
+Date: Sun, 19 Jan 2020 18:28:16 +0100 |
196 |
+Subject: [PATCH] Fix PHP-7.4 Issue |
197 |
+ |
198 |
+PHP-7.4 Issue = "Trying to access array offset on value of type null" in functions_category.inc.php |
199 |
+--- |
200 |
+ include/functions_category.inc.php | 8 +++++--- |
201 |
+ 1 file changed, 5 insertions(+), 3 deletions(-) |
202 |
+ |
203 |
+diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php |
204 |
+index 22997ee2f..64925a0c8 100644 |
205 |
+--- a/include/functions_category.inc.php |
206 |
++++ b/include/functions_category.inc.php |
207 |
+@@ -103,6 +103,8 @@ function get_categories_menu() |
208 |
+ $result = pwg_query($query); |
209 |
+ $cats = array(); |
210 |
+ $selected_category = isset($page['category']) ? $page['category'] : null; |
211 |
++ $selected_category_id = isset($selected_category['id']) ? $selected_category['id'] : null; |
212 |
++ $selected_category_id_uppercat = isset($selected_category['id_uppercat']) ? $selected_category['id_uppercat'] : null; |
213 |
+ while ($row = pwg_db_fetch_assoc($result)) |
214 |
+ { |
215 |
+ $child_date_last = @$row['max_date_last']> @$row['date_last']; |
216 |
+@@ -122,8 +124,8 @@ function get_categories_menu() |
217 |
+ ), |
218 |
+ 'URL' => make_index_url(array('category' => $row)), |
219 |
+ 'LEVEL' => substr_count($row['global_rank'], '.') + 1, |
220 |
+- 'SELECTED' => $selected_category['id'] == $row['id'] ? true : false, |
221 |
+- 'IS_UPPERCAT' => $selected_category['id_uppercat'] == $row['id'] ? true : false, |
222 |
++ 'SELECTED' => $selected_category_id == $row['id'] ? true : false, |
223 |
++ 'IS_UPPERCAT' => $selected_category_id_uppercat == $row['id'] ? true : false, |
224 |
+ ) |
225 |
+ ); |
226 |
+ if ($conf['index_new_icon']) |
227 |
+@@ -602,4 +604,4 @@ function remove_computed_category(&$cats, $cat) |
228 |
+ unset($cats[$cat['cat_id']]); |
229 |
+ } |
230 |
+ |
231 |
+-?> |
232 |
+\ No newline at end of file |
233 |
++?> |
234 |
|
235 |
diff --git a/www-apps/piwigo/piwigo-2.10.1.ebuild b/www-apps/piwigo/piwigo-2.10.1-r1.ebuild |
236 |
similarity index 86% |
237 |
rename from www-apps/piwigo/piwigo-2.10.1.ebuild |
238 |
rename to www-apps/piwigo/piwigo-2.10.1-r1.ebuild |
239 |
index 208eb4ede24..84e1dab03f3 100644 |
240 |
--- a/www-apps/piwigo/piwigo-2.10.1.ebuild |
241 |
+++ b/www-apps/piwigo/piwigo-2.10.1-r1.ebuild |
242 |
@@ -1,4 +1,4 @@ |
243 |
-# Copyright 1999-2019 Gentoo Authors |
244 |
+# Copyright 1999-2020 Gentoo Authors |
245 |
# Distributed under the terms of the GNU General Public License v2 |
246 |
|
247 |
EAPI=7 |
248 |
@@ -22,6 +22,11 @@ BDEPEND="app-arch/unzip" |
249 |
|
250 |
REQUIRED_USE="|| ( gd imagemagick )" |
251 |
|
252 |
+PATCHES=( |
253 |
+ "${FILESDIR}"/${P}-css_vuln.patch |
254 |
+ "${FILESDIR}"/${P}-php7.4_deprecation.patch |
255 |
+ "${FILESDIR}"/${P}-php7.4_notice.patch |
256 |
+ ) |
257 |
S=${WORKDIR}/${PN} |
258 |
|
259 |
src_install() { |