1 |
pva 07/12/30 19:17:36 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: mantisbt-1.0.8-r1.ebuild |
5 |
Log: |
6 |
Fixes "Upload File" Script Insertion Vulnerability, bug 203791, reported by Pierre-Yves Rofes <py AT gentoo.org>. |
7 |
(Portage version: 2.1.4_rc11) |
8 |
|
9 |
Revision Changes Path |
10 |
1.49 www-apps/mantisbt/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.49&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/ChangeLog?rev=1.49&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/ChangeLog?r1=1.48&r2=1.49 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v |
19 |
retrieving revision 1.48 |
20 |
retrieving revision 1.49 |
21 |
diff -u -r1.48 -r1.49 |
22 |
--- ChangeLog 10 Dec 2007 16:14:57 -0000 1.48 |
23 |
+++ ChangeLog 30 Dec 2007 19:17:36 -0000 1.49 |
24 |
@@ -1,6 +1,14 @@ |
25 |
# ChangeLog for www-apps/mantisbt |
26 |
# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.48 2007/12/10 16:14:57 pva Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.49 2007/12/30 19:17:36 pva Exp $ |
29 |
+ |
30 |
+*mantisbt-1.0.8-r1 (30 Dec 2007) |
31 |
+ |
32 |
+ 30 Dec 2007; <pva@g.o> |
33 |
+ +files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch, |
34 |
+ +mantisbt-1.0.8-r1.ebuild: |
35 |
+ Fixes "Upload File" Script Insertion Vulnerability, bug 203791, reported by |
36 |
+ Pierre-Yves Rofes <py AT gentoo.org>. |
37 |
|
38 |
10 Dec 2007; <pva@g.o> mantisbt-1.0.8.ebuild: |
39 |
Fixed apache2 DEPEND, bug #201822. Thank Nick Devito <nick AT nick125.com> |
40 |
|
41 |
|
42 |
|
43 |
1.1 www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild |
44 |
|
45 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild?rev=1.1&view=markup |
46 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild?rev=1.1&content-type=text/plain |
47 |
|
48 |
Index: mantisbt-1.0.8-r1.ebuild |
49 |
=================================================================== |
50 |
# Copyright 1999-2007 Gentoo Foundation |
51 |
# Distributed under the terms of the GNU General Public License v2 |
52 |
# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild,v 1.1 2007/12/30 19:17:36 pva Exp $ |
53 |
|
54 |
inherit eutils webapp |
55 |
|
56 |
IUSE="bundled-adodb" |
57 |
MY_P=mantis-${PV} |
58 |
|
59 |
DESCRIPTION="PHP/MySQL/Web based bugtracking system" |
60 |
HOMEPAGE="http://www.mantisbt.org/" |
61 |
SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" |
62 |
|
63 |
S=${WORKDIR}/${MY_P} |
64 |
|
65 |
KEYWORDS="~amd64 ~ppc ~x86" |
66 |
|
67 |
RDEPEND=" |
68 |
virtual/httpd-php |
69 |
virtual/httpd-cgi |
70 |
!bundled-adodb? ( dev-php/adodb ) |
71 |
" |
72 |
|
73 |
LICENSE="GPL-2" |
74 |
|
75 |
src_unpack() { |
76 |
unpack ${A} |
77 |
cd "${S}" |
78 |
|
79 |
# http://www.mantisbt.org/bugs/view.php?id=8256 |
80 |
epatch "${FILESDIR}"/${P}-avoid-XS-type-in-schema.php.patch |
81 |
# http://www.mantisbt.org/bugs/view.php?id=8679 |
82 |
epatch "${FILESDIR}"/${P}-avoid-XSS-in-file_api.php.patch |
83 |
|
84 |
if use bundled-adodb ; then |
85 |
sed -ie \ |
86 |
"s:require_once( 'adodb/adodb.inc.php' );:require_once( \$t_core_dir . 'adodb/adodb.inc.php' );:" \ |
87 |
"${S}"/core/database_api.php |
88 |
else |
89 |
rm -r "${S}"/core/adodb/ |
90 |
fi |
91 |
|
92 |
# Fix permitions. Should be fixed in 1.0.9 |
93 |
find "${S}" -type f -exec chmod 644 \{\} \; |
94 |
find "${S}" -type d -exec chmod 755 \{\} \; |
95 |
} |
96 |
|
97 |
src_install() { |
98 |
webapp_src_preinst |
99 |
rm doc/{LICENSE,INSTALL} |
100 |
dodoc doc/* |
101 |
|
102 |
cp -R . "${D}"/${MY_HTDOCSDIR} |
103 |
rm -rf "${D}"/${MY_HTDOCSDIR}/doc |
104 |
|
105 |
mv "${D}"/${MY_HTDOCSDIR}/config_inc.php.sample "${D}"/${MY_HTDOCSDIR}/config_inc.php |
106 |
|
107 |
webapp_configfile ${MY_HTDOCSDIR}/config_inc.php |
108 |
webapp_postinst_txt en "${FILESDIR}"/postinstall-en-1.0.0.txt |
109 |
webapp_src_install |
110 |
} |
111 |
|
112 |
|
113 |
|
114 |
-- |
115 |
gentoo-commits@g.o mailing list |