From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1321179-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id B9452158092
for <garchives@archives.gentoo.org>; Wed, 15 Sep 2021 10:40:27 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id D3F5CE0814;
Wed, 15 Sep 2021 10:40:26 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
(using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id 55E6BE0814
for <gentoo-commits@lists.gentoo.org>; Wed, 15 Sep 2021 10:40:26 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
(using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits))
(No client certificate requested)
by smtp.gentoo.org (Postfix) with ESMTPS id 45A3034313E
for <gentoo-commits@lists.gentoo.org>; Wed, 15 Sep 2021 10:40:25 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
by oystercatcher.gentoo.org (Postfix) with ESMTP id C8DEA79
for <gentoo-commits@lists.gentoo.org>; Wed, 15 Sep 2021 10:40:23 +0000 (UTC)
From: "Bernard Cafarelli" <voyageur@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Bernard Cafarelli" <voyageur@gentoo.org>
Message-ID: <1631702417.cdd0ebd79e5f3cbcc7aa630fe6ffda67683f0bb9.voyageur@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: www-apps/owncloud/, www-apps/owncloud/files/
X-VCS-Repository: repo/gentoo
X-VCS-Files: www-apps/owncloud/Manifest www-apps/owncloud/files/owncloud-10.7.0-share_data_exposure.patch www-apps/owncloud/owncloud-10.7.0-r1.ebuild
X-VCS-Directories: www-apps/owncloud/ www-apps/owncloud/files/
X-VCS-Committer: voyageur
X-VCS-Committer-Name: Bernard Cafarelli
X-VCS-Revision: cdd0ebd79e5f3cbcc7aa630fe6ffda67683f0bb9
X-VCS-Branch: master
Date: Wed, 15 Sep 2021 10:40:23 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: d0774dbd-00a7-4b14-b9e9-512a602e2a2b
X-Archives-Hash: 962b5b3e7bec795b30c6cd48a18ce655
commit: cdd0ebd79e5f3cbcc7aa630fe6ffda67683f0bb9
Author: Bernard Cafarelli <voyageur <AT> gentoo <DOT> org>
AuthorDate: Wed Sep 15 10:40:17 2021 +0000
Commit: Bernard Cafarelli <voyageur <AT> gentoo <DOT> org>
CommitDate: Wed Sep 15 10:40:17 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cdd0ebd7
www-apps/owncloud: drop vulnerable version
Bug: https://bugs.gentoo.org/812491
Package-Manager: Portage-3.0.23, Repoman-3.0.3
Signed-off-by: Bernard Cafarelli <voyageur <AT> gentoo.org>
www-apps/owncloud/Manifest | 1 -
.../owncloud-10.7.0-share_data_exposure.patch | 78 ----------------------
www-apps/owncloud/owncloud-10.7.0-r1.ebuild | 49 --------------
3 files changed, 128 deletions(-)
diff --git a/www-apps/owncloud/Manifest b/www-apps/owncloud/Manifest
index caff0833560..12d19ceac59 100644
--- a/www-apps/owncloud/Manifest
+++ b/www-apps/owncloud/Manifest
@@ -1,2 +1 @@
-DIST owncloud-10.7.0.tar.bz2 24129028 BLAKE2B 47ce3584f8123cc0a315c7d88847df5844c951e354fcecd7a876ca01f0fa24823a86bdd950dd885f3bbb46f60d8a39271e31d43ac6dac8f3df506d6cdc531231 SHA512 ebb636b8ffd06d4ceb1dd0d50c15ab393b8c7bf2f0e23c61ba957add6ac4d4ba4cdefb9cda2c703f337c82a295e2c40a467a602227728e9506f9a150c9f2fd3c
DIST owncloud-10.8.0.tar.bz2 24917781 BLAKE2B 909a8b51034fe07f83adcb3aff9c8eab790da40b115ecc715c4307ecb0364d5f65d75178d76ff27969b28a46f9585915412db235120dbb8600809057eea3c7f1 SHA512 47a23e5c2946e5d4c1d8c8e6d1b754e2a2bce436af532dbc7aa36c8031185fcc28b500fefa064e5290f2af68cbea823fa893acdb90307c9eddf53e126d282c96
diff --git a/www-apps/owncloud/files/owncloud-10.7.0-share_data_exposure.patch b/www-apps/owncloud/files/owncloud-10.7.0-share_data_exposure.patch
deleted file mode 100644
index bab6ffed11e..00000000000
--- a/www-apps/owncloud/files/owncloud-10.7.0-share_data_exposure.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From b552f84eedb5d2a113028d7859e82352699fb427 Mon Sep 17 00:00:00 2001
-From: JanAckermann <jackermann@owncloud.com>
-Date: Tue, 4 May 2021 11:51:29 +0200
-Subject: [PATCH 1/3] Throw generic exception to overcome, senstitive exception
- data exposure
-
----
- .../lib/Controllers/ShareController.php | 26 ++++++++++++-------
- 1 file changed, 16 insertions(+), 10 deletions(-)
-
-diff --git a/apps/files_sharing/lib/Controllers/ShareController.php b/apps/files_sharing/lib/Controllers/ShareController.php
-index da9832e105b..02bd3553067 100644
---- a/apps/files_sharing/lib/Controllers/ShareController.php
-+++ b/apps/files_sharing/lib/Controllers/ShareController.php
-@@ -400,6 +400,7 @@ public function showShare($token, $path = '') {
- * @param string $path
- * @param string $downloadStartSecret
- * @return NotFoundResponse|RedirectResponse|void
-+ * @throws \Exception
- */
- public function downloadShare($token, $files = null, $path = '', $downloadStartSecret = '') {
- \OC_User::setIncognitoMode(true);
-@@ -530,16 +531,21 @@ public function downloadShare($token, $files = null, $path = '', $downloadStartS
- }
-
- // download selected files
-- if ($files !== null && $files !== '') {
-- // FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
-- // after dispatching the request which results in a "Cannot modify header information" notice.
-- OC_Files::get($originalSharePath, $files_list, $server_params);
-- exit();
-- } else {
-- // FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
-- // after dispatching the request which results in a "Cannot modify header information" notice.
-- OC_Files::get(\dirname($originalSharePath), \basename($originalSharePath), $server_params);
-- exit();
-+
-+ try {
-+ if ($files !== null && $files !== '') {
-+ // FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
-+ // after dispatching the request which results in a "Cannot modify header information" notice.
-+ OC_Files::get($originalSharePath, $files_list, $server_params);
-+ exit();
-+ } else {
-+ // FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
-+ // after dispatching the request which results in a "Cannot modify header information" notice.
-+ OC_Files::get(\dirname($originalSharePath), \basename($originalSharePath), $server_params);
-+ exit();
-+ }
-+ } catch (\Exception $e) {
-+ throw new \Exception();
- }
- }
- }
-
-From a94f67a4857447e36e205043c55f29737a0bc57d Mon Sep 17 00:00:00 2001
-From: JanAckermann <jackermann@owncloud.com>
-Date: Tue, 4 May 2021 12:01:17 +0200
-Subject: [PATCH 2/3] enhanche if statement
-
----
- lib/private/Files/Storage/Local.php | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php
-index d5ae0e3794b..d499079da98 100644
---- a/lib/private/Files/Storage/Local.php
-+++ b/lib/private/Files/Storage/Local.php
-@@ -384,7 +384,7 @@ public function getSourcePath($path) {
- }
- $pathToResolve = $fullPath;
- $realPath = \realpath($pathToResolve);
-- while ($realPath === false) { // for non existing files check the parent directory
-+ while (!\is_string($realPath)) { // for non existing files check the parent directory
- $pathToResolve = \dirname($pathToResolve);
- $realPath = \realpath($pathToResolve);
- }
-
diff --git a/www-apps/owncloud/owncloud-10.7.0-r1.ebuild b/www-apps/owncloud/owncloud-10.7.0-r1.ebuild
deleted file mode 100644
index f379b0cf2d4..00000000000
--- a/www-apps/owncloud/owncloud-10.7.0-r1.ebuild
+++ /dev/null
@@ -1,49 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit webapp
-
-DESCRIPTION="Web-based storage application where all your data is under your own control"
-HOMEPAGE="https://owncloud.org"
-SRC_URI="https://download.owncloud.org/community/${P}.tar.bz2"
-LICENSE="AGPL-3"
-
-KEYWORDS="~amd64 ~arm ~x86"
-IUSE="+curl mysql postgres +sqlite"
-REQUIRED_USE="|| ( mysql postgres sqlite )"
-
-DEPEND=""
-RDEPEND=">=dev-lang/php-7.0[curl?,filter,gd,hash(+),intl,json(+),mysql?,pdo,posix,postgres?,session,simplexml,sqlite?,xmlreader,xmlwriter,zip]
- virtual/httpd-php"
-
-PATCHES=( "${FILESDIR}"/${P}-share_data_exposure.patch )
-
-S=${WORKDIR}/${PN}
-
-pkg_setup() {
- webapp_pkg_setup
-}
-
-src_install() {
- webapp_src_preinst
-
- insinto "${MY_HTDOCSDIR}"
- doins -r .
- dodir "${MY_HTDOCSDIR}"/data
-
- webapp_serverowned -R "${MY_HTDOCSDIR}"/apps
- webapp_serverowned -R "${MY_HTDOCSDIR}"/data
- webapp_serverowned -R "${MY_HTDOCSDIR}"/config
- webapp_configfile "${MY_HTDOCSDIR}"/.htaccess
-
- webapp_src_install
-}
-
-pkg_postinst() {
- elog "Additional applications (calendar, ...) are no longer provided by default."
- elog "You can install them after login via the applications management page"
- elog "(check the recommended tab). No application data is lost."
- webapp_pkg_postinst
-}