ports/103797: [MAINTAINER] www/dokuwiki-devel: Fix security issue(Codeinjection)

chinsan chinsan.tw at gmail.com
Fri Sep 29 05:00:36 UTC 2006 

>Number:         103797
>Category:       ports
>Synopsis:       [MAINTAINER] www/dokuwiki-devel: Fix security issue(Codeinjection)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 29 05:00:34 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     chinsan
>Release:        FreeBSD 6.2-PRERELEASE i386
>Organization:
Taiwan
>Environment:
System: FreeBSD BSD6.giga.hgc.com.tw 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #6: Thu Sep 14 09:46:10 CST 2006
>Description:
- Fix security issue(Codeinjection in fetch.php)
  http://bugs.splitbrain.org/?do=details&id=926
- Make portlint more happy.

Notified by simon@, thanks.

Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:

--- dokuwiki-devel-20060609_1.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/www/dokuwiki-devel/Makefile /usr/home/chinsan/project/dokuwiki-devel/Makefile
--- /usr/ports/www/dokuwiki-devel/Makefile	Tue Jul  4 00:26:27 2006
+++ /usr/home/chinsan/project/dokuwiki-devel/Makefile	Fri Sep 29 12:46:06 2006
@@ -7,6 +7,7 @@
 
 PORTNAME=	dokuwiki
 PORTVERSION=	${DIST_VER:S/${PORTNAME}//:S/-//g}
+PORTREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	http://chinsan2.twbbs.org/distfiles/ \
 		ftp://chinsan2.twbbs.org/distfiles/ \
@@ -80,6 +81,9 @@
 .endif
 
 pre-patch:
+# Fix http://bugs.splitbrain.org/?do=details&id=926
+	@${REINPLACE_CMD} -e '25,26 s,=,= (int),' ${WRKSRC}/lib/exe/fetch.php
+	@${FIND} ${WRKSRC}/lib/exe -name "*.php.bak" -delete
 .if defined(WIKI_LANG)
 	@${REINPLACE_CMD} -e 's|lang\(.*\)'en'|lang\1'${WIKI_LANG}'|g' \
 		${WRKSRC}/conf/dokuwiki.php
@@ -88,16 +92,6 @@
 
 post-patch:
 	@${TOUCH} ${WRKSRC}/data/changes.log
-
-# This target is only meant to be used by the port maintainer.
-x-generate-plist:
-	@make makesum
-	@make patch
-	@cd ${WRKSRC} && ${FIND} -s . -type f | \
-		${SED} -e 's|^./||;s|^|%%DOKUWIKI_DIR%%/|' > ${TEMP_PLIST} \
-		&& ${FIND} -d * -type d | \
-		${SED} -e 's|^|@dirrm %%DOKUWIKI_DIR%%/|' >> ${TEMP_PLIST} \
-		&& ${ECHO_CMD} "@dirrmtry %%DOKUWIKI_DIR%%" >> ${TEMP_PLIST}
 
 do-install:
 # Data files
--- dokuwiki-devel-20060609_1.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list