git: beb4ec30ad06 - 2023Q3 - net/phpldapadmin: update to 1.2.6.6
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 05 Jul 2023 06:02:42 UTC
The branch 2023Q3 has been updated by fernape: URL: https://cgit.FreeBSD.org/ports/commit/?id=beb4ec30ad06f9bc733a1d407191e695a73d83d8 commit beb4ec30ad06f9bc733a1d407191e695a73d83d8 Author: Krzysztof <ports@bsdserwis.com> AuthorDate: 2023-07-04 06:10:46 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2023-07-05 06:02:03 +0000 net/phpldapadmin: update to 1.2.6.6 ChangeLog: https://github.com/leenooks/phpLDAPadmin/compare/1.2.6.5...1.2.6.6 Another fix for CVE-2020-35132. PR: 272348 Reported by: ports@bsdserwis.com (maintainer) MFH: 2023Q3 (security fix) Security: CVE-2020-35132 (cherry picked from commit 61cfb3cbfa0279361042afb790b5722a1a88fd04) --- net/phpldapadmin/Makefile | 2 +- net/phpldapadmin/distinfo | 6 +- .../files/patch-lib_import__functions.php | 79 ++++++++++++++++++++++ 3 files changed, 83 insertions(+), 4 deletions(-) diff --git a/net/phpldapadmin/Makefile b/net/phpldapadmin/Makefile index 20ddb167b609..046e144d3cae 100644 --- a/net/phpldapadmin/Makefile +++ b/net/phpldapadmin/Makefile @@ -1,5 +1,5 @@ PORTNAME= phpldapadmin -PORTVERSION= 1.2.6.5 +DISTVERSION= 1.2.6.6 CATEGORIES= net www PKGNAMESUFFIX= ${PHP_PKGNAMESUFFIX} diff --git a/net/phpldapadmin/distinfo b/net/phpldapadmin/distinfo index dd8beb5b6259..68ac35333cef 100644 --- a/net/phpldapadmin/distinfo +++ b/net/phpldapadmin/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1676551762 -SHA256 (leenooks-phpLDAPadmin-1.2.6.5_GH0.tar.gz) = 882a508029cfa0e42a3a6700f1548b477b135ecb2d4fef9bf63ea8d781ea22c1 -SIZE (leenooks-phpLDAPadmin-1.2.6.5_GH0.tar.gz) = 1132582 +TIMESTAMP = 1688152341 +SHA256 (leenooks-phpLDAPadmin-1.2.6.6_GH0.tar.gz) = 7a8c02a611e60aa6713d1cf863dfac9637e23c3f4d401ea5e47dbe2b22d4895a +SIZE (leenooks-phpLDAPadmin-1.2.6.6_GH0.tar.gz) = 1132820 diff --git a/net/phpldapadmin/files/patch-lib_import__functions.php b/net/phpldapadmin/files/patch-lib_import__functions.php new file mode 100644 index 000000000000..af887114593e --- /dev/null +++ b/net/phpldapadmin/files/patch-lib_import__functions.php @@ -0,0 +1,79 @@ +--- lib/import_functions.php.orig 2023-04-01 13:46:16 UTC ++++ lib/import_functions.php +@@ -255,7 +255,7 @@ class ImportLDIF extends Import { + if (substr($value,0,1) == ':') + $value = base64_decode(trim(substr($value,1))); + else +- $value = trim($value); ++ $value = trim((string) $value); + + return array($attr,$value); + } +@@ -271,7 +271,7 @@ class ImportLDIF extends Import { + + if ($this->hasMoreEntries() && ! $this->eof()) { + # The first line is the DN one +- $current[0]= trim($this->_currentLine); ++ $current[0]= trim((string) $this->_currentLine); + + # While we end on a blank line, fetch the attribute lines + $count = 0; +@@ -282,11 +282,11 @@ class ImportLDIF extends Import { + /* If the next line begin with a space, we append it to the current row + * else we push it into the array (unwrap)*/ + if ($this->isWrappedLine()) +- $current[$count] .= trim($this->_currentLine); ++ $current[$count] .= trim((string) $this->_currentLine); + elseif ($this->isCommentLine()) {} + # Do nothing + elseif (! $this->isBlankLine()) +- $current[++$count] = trim($this->_currentLine); ++ $current[++$count] = trim((string) $this->_currentLine); + else + $endEntryFound = true; + } +@@ -336,7 +336,7 @@ class ImportLDIF extends Import { + * @return boolean true if it's a comment line,false otherwise + */ + private function isCommentLine() { +- return substr(trim($this->_currentLine),0,1) == '#' ? true : false; ++ return substr(trim((string) $this->_currentLine),0,1) == '#' ? true : false; + } + + /** +@@ -354,7 +354,7 @@ class ImportLDIF extends Import { + * @return boolean if it is a blank line,false otherwise. + */ + private function isBlankLine() { +- return(trim($this->_currentLine) == '') ? true : false; ++ return(trim((string) $this->_currentLine) == '') ? true : false; + } + + /** +@@ -386,7 +386,7 @@ class ImportLDIF extends Import { + $url = trim(substr($value,1)); + + if (preg_match('^file://',$url)) { +- $filename = substr(trim($url),7); ++ $filename = substr(trim((string) $url),7); + + if ($fh = @fopen($filename,'rb')) { + if (! $return = @fread($fh,filesize($filename))) +@@ -480,7 +480,7 @@ class ImportLDIF extends Import { + # Fetch the attribute for the following line + $currentLine = array_shift($lines); + +- while ($processline && trim($currentLine) && (trim($currentLine) != '-')) { ++ while ($processline && trim((string) $currentLine) && (trim((string) $currentLine) != '-')) { + $processline = false; + + # If there is a valid line +@@ -541,7 +541,7 @@ class ImportLDIF extends Import { + array_merge(array($currentLine),$lines)); + + $currentLine = array_shift($lines); +- if (trim($currentLine)) ++ if (trim((string) $currentLine)) + $processline = true; + } +