Date: Fri, 29 Sep 2006 12:49:28 +0800 From: chinsan <chinsan.tw@gmail.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: simon@FreeBSD.org Subject: ports/103797: [MAINTAINER] www/dokuwiki-devel: Fix security issue(Codeinjection) Message-ID: <20060929045401.BC3A22E9DF@smtp2.bc.hgc.com.tw> Resent-Message-ID: <200609290500.k8T50ZAo040611@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 103797 >Category: ports >Synopsis: [MAINTAINER] www/dokuwiki-devel: Fix security issue(Codeinjection) >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Sep 29 05:00:34 GMT 2006 >Closed-Date: >Last-Modified: >Originator: chinsan >Release: FreeBSD 6.2-PRERELEASE i386 >Organization: Taiwan >Environment: System: FreeBSD BSD6.giga.hgc.com.tw 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #6: Thu Sep 14 09:46:10 CST 2006 >Description: - Fix security issue(Codeinjection in fetch.php) http://bugs.splitbrain.org/?do=details&id=926 - Make portlint more happy. Notified by simon@, thanks. Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- dokuwiki-devel-20060609_1.patch begins here --- diff -ruN --exclude=CVS /usr/ports/www/dokuwiki-devel/Makefile /usr/home/chinsan/project/dokuwiki-devel/Makefile --- /usr/ports/www/dokuwiki-devel/Makefile Tue Jul 4 00:26:27 2006 +++ /usr/home/chinsan/project/dokuwiki-devel/Makefile Fri Sep 29 12:46:06 2006 @@ -7,6 +7,7 @@ PORTNAME= dokuwiki PORTVERSION= ${DIST_VER:S/${PORTNAME}//:S/-//g} +PORTREVISION= 1 CATEGORIES= www MASTER_SITES= http://chinsan2.twbbs.org/distfiles/ \ ftp://chinsan2.twbbs.org/distfiles/ \ @@ -80,6 +81,9 @@ .endif pre-patch: +# Fix http://bugs.splitbrain.org/?do=details&id=926 + @${REINPLACE_CMD} -e '25,26 s,=,= (int),' ${WRKSRC}/lib/exe/fetch.php + @${FIND} ${WRKSRC}/lib/exe -name "*.php.bak" -delete .if defined(WIKI_LANG) @${REINPLACE_CMD} -e 's|lang\(.*\)'en'|lang\1'${WIKI_LANG}'|g' \ ${WRKSRC}/conf/dokuwiki.php @@ -88,16 +92,6 @@ post-patch: @${TOUCH} ${WRKSRC}/data/changes.log - -# This target is only meant to be used by the port maintainer. -x-generate-plist: - @make makesum - @make patch - @cd ${WRKSRC} && ${FIND} -s . -type f | \ - ${SED} -e 's|^./||;s|^|%%DOKUWIKI_DIR%%/|' > ${TEMP_PLIST} \ - && ${FIND} -d * -type d | \ - ${SED} -e 's|^|@dirrm %%DOKUWIKI_DIR%%/|' >> ${TEMP_PLIST} \ - && ${ECHO_CMD} "@dirrmtry %%DOKUWIKI_DIR%%" >> ${TEMP_PLIST} do-install: # Data files --- dokuwiki-devel-20060609_1.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060929045401.BC3A22E9DF>