| 1 |
pva 07/12/30 19:17:36 |
| 2 |
|
| 3 |
Modified: ChangeLog |
| 4 |
Added: mantisbt-1.0.8-r1.ebuild |
| 5 |
Log: |
| 6 |
Fixes "Upload File" Script Insertion Vulnerability, bug 203791, reported by Pierre-Yves Rofes <py AT gentoo.org>. |
| 7 |
(Portage version: 2.1.4_rc11) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.49 www-apps/mantisbt/ChangeLog |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.49&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.49&content-type=text/plain |
| 14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/ChangeLog?r1=1.48&r2=1.49 |
| 15 |
|
| 16 |
Index: ChangeLog |
| 17 |
=================================================================== |
| 18 |
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v |
| 19 |
retrieving revision 1.48 |
| 20 |
retrieving revision 1.49 |
| 21 |
diff -u -r1.48 -r1.49 |
| 22 |
--- ChangeLog 10 Dec 2007 16:14:57 -0000 1.48 |
| 23 |
+++ ChangeLog 30 Dec 2007 19:17:36 -0000 1.49 |
| 24 |
@@ -1,6 +1,14 @@ |
| 25 |
# ChangeLog for www-apps/mantisbt |
| 26 |
# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 |
| 27 |
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.48 2007/12/10 16:14:57 pva Exp $ |
| 28 |
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.49 2007/12/30 19:17:36 pva Exp $ |
| 29 |
+ |
| 30 |
+*mantisbt-1.0.8-r1 (30 Dec 2007) |
| 31 |
+ |
| 32 |
+ 30 Dec 2007; <pva@g.o> |
| 33 |
+ +files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch, |
| 34 |
+ +mantisbt-1.0.8-r1.ebuild: |
| 35 |
+ Fixes "Upload File" Script Insertion Vulnerability, bug 203791, reported by |
| 36 |
+ Pierre-Yves Rofes <py AT gentoo.org>. |
| 37 |
|
| 38 |
10 Dec 2007; <pva@g.o> mantisbt-1.0.8.ebuild: |
| 39 |
Fixed apache2 DEPEND, bug #201822. Thank Nick Devito <nick AT nick125.com> |
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
1.1 www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild |
| 44 |
|
| 45 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild?rev=1.1&view=markup |
| 46 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild?rev=1.1&content-type=text/plain |
| 47 |
|
| 48 |
Index: mantisbt-1.0.8-r1.ebuild |
| 49 |
=================================================================== |
| 50 |
# Copyright 1999-2007 Gentoo Foundation |
| 51 |
# Distributed under the terms of the GNU General Public License v2 |
| 52 |
# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild,v 1.1 2007/12/30 19:17:36 pva Exp $ |
| 53 |
|
| 54 |
inherit eutils webapp |
| 55 |
|
| 56 |
IUSE="bundled-adodb" |
| 57 |
MY_P=mantis-${PV} |
| 58 |
|
| 59 |
DESCRIPTION="PHP/MySQL/Web based bugtracking system" |
| 60 |
HOMEPAGE="http://www.mantisbt.org/" |
| 61 |
SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" |
| 62 |
|
| 63 |
S=${WORKDIR}/${MY_P} |
| 64 |
|
| 65 |
KEYWORDS="~amd64 ~ppc ~x86" |
| 66 |
|
| 67 |
RDEPEND=" |
| 68 |
virtual/httpd-php |
| 69 |
virtual/httpd-cgi |
| 70 |
!bundled-adodb? ( dev-php/adodb ) |
| 71 |
" |
| 72 |
|
| 73 |
LICENSE="GPL-2" |
| 74 |
|
| 75 |
src_unpack() { |
| 76 |
unpack ${A} |
| 77 |
cd "${S}" |
| 78 |
|
| 79 |
# http://www.mantisbt.org/bugs/view.php?id=8256 |
| 80 |
epatch "${FILESDIR}"/${P}-avoid-XS-type-in-schema.php.patch |
| 81 |
# http://www.mantisbt.org/bugs/view.php?id=8679 |
| 82 |
epatch "${FILESDIR}"/${P}-avoid-XSS-in-file_api.php.patch |
| 83 |
|
| 84 |
if use bundled-adodb ; then |
| 85 |
sed -ie \ |
| 86 |
"s:require_once( 'adodb/adodb.inc.php' );:require_once( \$t_core_dir . 'adodb/adodb.inc.php' );:" \ |
| 87 |
"${S}"/core/database_api.php |
| 88 |
else |
| 89 |
rm -r "${S}"/core/adodb/ |
| 90 |
fi |
| 91 |
|
| 92 |
# Fix permitions. Should be fixed in 1.0.9 |
| 93 |
find "${S}" -type f -exec chmod 644 \{\} \; |
| 94 |
find "${S}" -type d -exec chmod 755 \{\} \; |
| 95 |
} |
| 96 |
|
| 97 |
src_install() { |
| 98 |
webapp_src_preinst |
| 99 |
rm doc/{LICENSE,INSTALL} |
| 100 |
dodoc doc/* |
| 101 |
|
| 102 |
cp -R . "${D}"/${MY_HTDOCSDIR} |
| 103 |
rm -rf "${D}"/${MY_HTDOCSDIR}/doc |
| 104 |
|
| 105 |
mv "${D}"/${MY_HTDOCSDIR}/config_inc.php.sample "${D}"/${MY_HTDOCSDIR}/config_inc.php |
| 106 |
|
| 107 |
webapp_configfile ${MY_HTDOCSDIR}/config_inc.php |
| 108 |
webapp_postinst_txt en "${FILESDIR}"/postinstall-en-1.0.0.txt |
| 109 |
webapp_src_install |
| 110 |
} |
| 111 |
|
| 112 |
|
| 113 |
|
| 114 |
-- |
| 115 |
gentoo-commits@g.o mailing list |
Archives