* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/cacti/, net-analyzer/cacti/files/
@ 2016-02-02 5:11 Jeroen Roovers
0 siblings, 0 replies; 2+ messages in thread
From: Jeroen Roovers @ 2016-02-02 5:11 UTC (permalink / raw
To: gentoo-commits
commit: aa240655c683eb070932a40e3b0773be307603bf
Author: Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 2 05:10:43 2016 +0000
Commit: Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Tue Feb 2 05:10:43 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa240655
net-analyzer/cacti: Add upstream patch for CVE-2015-8369 (bug #568400).
Package-Manager: portage-2.2.27
net-analyzer/cacti/cacti-0.8.8f-r1.ebuild | 62 +++++++
.../cacti/files/cacti-0.8.8f-CVE-2015-8369.patch | 204 +++++++++++++++++++++
2 files changed, 266 insertions(+)
diff --git a/net-analyzer/cacti/cacti-0.8.8f-r1.ebuild b/net-analyzer/cacti/cacti-0.8.8f-r1.ebuild
new file mode 100644
index 0000000..782f241
--- /dev/null
+++ b/net-analyzer/cacti/cacti-0.8.8f-r1.ebuild
@@ -0,0 +1,62 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils webapp
+
+# Support for _p* in version.
+MY_P=${P/_p*/}
+
+DESCRIPTION="Cacti is a complete frontend to rrdtool"
+HOMEPAGE="http://www.cacti.net/"
+SRC_URI="http://www.cacti.net/downloads/${MY_P}.tar.gz"
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="snmp doc"
+
+need_httpd
+
+RDEPEND="
+ dev-lang/php[cli,mysql,session,sockets,xml]
+ dev-php/adodb
+ net-analyzer/rrdtool[graph]
+ virtual/cron
+ virtual/mysql
+ snmp? ( >=net-analyzer/net-snmp-5.2.0 )
+"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-CVE-2015-8369.patch
+
+ sed -i -e \
+ 's:$config\["library_path"\] . "/adodb/adodb.inc.php":"adodb/adodb.inc.php":' \
+ "${S}"/include/global.php || die
+
+ rm -rf lib/adodb || die # don't use bundled adodb
+}
+
+src_compile() { :; }
+
+src_install() {
+ webapp_src_preinst
+
+ rm LICENSE README || die
+ dodoc docs/{CHANGELOG,CONTRIB,README,txt/manual.txt}
+ use doc && dohtml -r docs/html/
+ rm -rf docs
+
+ edos2unix `find -type f -name '*.php'`
+
+ dodir ${MY_HTDOCSDIR}
+ cp -r . "${D}"${MY_HTDOCSDIR}
+
+ webapp_serverowned ${MY_HTDOCSDIR}/rra
+ webapp_serverowned ${MY_HTDOCSDIR}/log/cacti.log
+ webapp_configfile ${MY_HTDOCSDIR}/include/config.php
+ webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
+
+ webapp_src_install
+}
diff --git a/net-analyzer/cacti/files/cacti-0.8.8f-CVE-2015-8369.patch b/net-analyzer/cacti/files/cacti-0.8.8f-CVE-2015-8369.patch
new file mode 100644
index 0000000..2019a61
--- /dev/null
+++ b/net-analyzer/cacti/files/cacti-0.8.8f-CVE-2015-8369.patch
@@ -0,0 +1,204 @@
+--- a/graph.php
++++ b/graph.php
+@@ -32,43 +32,43 @@
+
+ api_plugin_hook_function('graph');
+
+-include_once("./lib/html_tree.php");
+-include_once("./include/top_graph_header.php");
+-
+ /* ================= input validation ================= */
+-input_validate_input_regex(get_request_var("rra_id"), "^([0-9]+|all)$");
+-input_validate_input_number(get_request_var("local_graph_id"));
+-input_validate_input_number(get_request_var("graph_end"));
+-input_validate_input_number(get_request_var("graph_start"));
++input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
++input_validate_input_number(get_request_var_request("local_graph_id"));
++input_validate_input_number(get_request_var_request("graph_end"));
++input_validate_input_number(get_request_var_request("graph_start"));
+ input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
+ /* ==================================================== */
+
+-if (!isset($_GET['rra_id'])) {
+- $_GET['rra_id'] = 'all';
++include_once("./lib/html_tree.php");
++include_once("./include/top_graph_header.php");
++
++if (!isset($_REQUEST['rra_id'])) {
++ $_REQUEST['rra_id'] = 'all';
+ }
+
+-if ($_GET["rra_id"] == "all") {
++if ($_REQUEST["rra_id"] == "all") {
+ $sql_where = " where id is not null";
+ }else{
+- $sql_where = " where id=" . $_GET["rra_id"];
++ $sql_where = " where id=" . $_REQUEST["rra_id"];
+ }
+
+ /* make sure the graph requested exists (sanity) */
+-if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_GET["local_graph_id"]))) {
++if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_REQUEST["local_graph_id"]))) {
+ print "<strong><font size='+1' color='FF0000'>GRAPH DOES NOT EXIST</font></strong>"; exit;
+ }
+
+ /* take graph permissions into account here, if the user does not have permission
+ give an "access denied" message */
+ if (read_config_option("auth_method") != 0) {
+- $access_denied = !(is_graph_allowed($_GET["local_graph_id"]));
++ $access_denied = !(is_graph_allowed($_REQUEST["local_graph_id"]));
+
+ if ($access_denied == true) {
+ print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit;
+ }
+ }
+
+-$graph_title = get_graph_title($_GET["local_graph_id"]);
++$graph_title = get_graph_title($_REQUEST["local_graph_id"]);
+
+ if ($_REQUEST["view_type"] == "tree") {
+ print "<table width='100%' style='background-color: #ffffff; border: 1px solid #ffffff;' align='center' cellspacing='0' cellpadding='3'>";
+@@ -76,15 +76,15 @@
+ print "<table width='100%' style='background-color: #f5f5f5; border: 1px solid #bbbbbb;' align='center' cellspacing='0' cellpadding='3'>";
+ }
+
+-$rras = get_associated_rras($_GET["local_graph_id"]);
++$rras = get_associated_rras($_REQUEST["local_graph_id"]);
+
+ switch ($_REQUEST["action"]) {
+ case 'view':
+ api_plugin_hook_function('page_buttons',
+- array('lgid' => $_GET["local_graph_id"],
++ array('lgid' => $_REQUEST["local_graph_id"],
+ 'leafid' => '',//$leaf_id,
+ 'mode' => 'mrtg',
+- 'rraid' => $_GET["rra_id"])
++ 'rraid' => $_REQUEST["rra_id"])
+ );
+ ?>
+ <tr class='tableHeader'>
+@@ -105,13 +105,13 @@
+ <table width='1' cellpadding='0'>
+ <tr>
+ <td>
+- <img class='graphimage' id='graph_<?php print $_GET["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
++ <img class='graphimage' id='graph_<?php print $_REQUEST["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
+ </td>
+ <td valign='top' style='padding: 3px;' class='noprint'>
+- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
+- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
+- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
+- <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?>
++ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
++ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
++ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
++ <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?>
+ <a href='#page_top'><img src='<?php print $config['url_path']; ?>images/graph_page_top.gif' border='0' alt='Page Top' title='Page Top' style='padding: 3px;'></a><br>
+ </td>
+ </tr>
+@@ -143,7 +143,7 @@
+ }
+
+ /* fetch information for the current RRA */
+- $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_GET["rra_id"]);
++ $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_REQUEST["rra_id"]);
+
+ /* define the time span, which decides which rra to use */
+ $timespan = -($rra["timespan"]);
+@@ -154,24 +154,24 @@
+ FROM (data_template_data,data_template_rrd,graph_templates_item)
+ WHERE graph_templates_item.task_item_id=data_template_rrd.id
+ AND data_template_rrd.local_data_id=data_template_data.local_data_id
+- AND graph_templates_item.local_graph_id=" . $_GET["local_graph_id"] .
++ AND graph_templates_item.local_graph_id=" . $_REQUEST["local_graph_id"] .
+ " LIMIT 0,1");
+ $ds_step = empty($ds_step) ? 300 : $ds_step;
+ $seconds_between_graph_updates = ($ds_step * $rra["steps"]);
+
+ $now = time();
+
+- if (isset($_GET["graph_end"]) && ($_GET["graph_end"] <= $now - $seconds_between_graph_updates)) {
+- $graph_end = $_GET["graph_end"];
++ if (isset($_REQUEST["graph_end"]) && ($_REQUEST["graph_end"] <= $now - $seconds_between_graph_updates)) {
++ $graph_end = $_REQUEST["graph_end"];
+ }else{
+ $graph_end = $now - $seconds_between_graph_updates;
+ }
+
+- if (isset($_GET["graph_start"])) {
+- if (($graph_end - $_GET["graph_start"])>$max_timespan) {
++ if (isset($_REQUEST["graph_start"])) {
++ if (($graph_end - $_REQUEST["graph_start"])>$max_timespan) {
+ $graph_start = $now - $max_timespan;
+ }else {
+- $graph_start = $_GET["graph_start"];
++ $graph_start = $_REQUEST["graph_start"];
+ }
+ }else{
+ $graph_start = $now + $timespan;
+@@ -186,7 +186,7 @@
+ graph_templates_graph.height,
+ graph_templates_graph.width
+ from graph_templates_graph
+- where graph_templates_graph.local_graph_id=" . $_GET["local_graph_id"]);
++ where graph_templates_graph.local_graph_id=" . $_REQUEST["local_graph_id"]);
+
+ $graph_height = $graph["height"];
+ $graph_width = $graph["width"];
+@@ -214,12 +214,12 @@
+ <table width='1' cellpadding='0'>
+ <tr>
+ <td>
+- <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
++ <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
+ </td>
+ <td valign='top' style='padding: 3px;' class='noprint'>
+- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
+- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
+- <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
++ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
++ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
++ <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
+ </td>
+ </tr>
+ <tr>
+@@ -249,17 +249,17 @@
+ <table width='1' cellpadding='0'>
+ <tr>
+ <td>
+- <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&graph_start=" . (isset($_GET["graph_start"]) ? $_GET["graph_start"] : "0") . "&graph_end=" . (isset($_GET["graph_end"]) ? $_GET["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'>
++ <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&graph_start=" . (isset($_REQUEST["graph_start"]) ? $_REQUEST["graph_start"] : "0") . "&graph_end=" . (isset($_REQUEST["graph_end"]) ? $_REQUEST["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'>
+ </td>
+ <td valign='top' style='padding: 3px;'>
+- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
+- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
+- <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
++ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
++ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
++ <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
+ </td>
+ </tr>
+ <tr>
+ <td colspan='2' align='center'>
+- <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_GET["rra_id"]));?></strong>
++ <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_REQUEST["rra_id"]));?></strong>
+ </td>
+ </tr>
+ </table>
+--- a/include/top_graph_header.php
++++ b/include/top_graph_header.php
+@@ -146,12 +146,12 @@
+ $graph_data_array["print_source"] = true;
+
+ /* override: graph start time (unix time) */
+- if (!empty($_GET["graph_start"])) {
++ if (!empty($_REQUEST["graph_start"])) {
+ $graph_data_array["graph_start"] = get_request_var_request("graph_start");
+ }
+
+ /* override: graph end time (unix time) */
+- if (!empty($_GET["graph_end"])) {
++ if (!empty($_REQUEST["graph_end"])) {
+ $graph_data_array["graph_end"] = get_request_var_request("graph_end");
+ }
+
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/cacti/, net-analyzer/cacti/files/
@ 2021-10-17 20:39 John Helmert III
0 siblings, 0 replies; 2+ messages in thread
From: John Helmert III @ 2021-10-17 20:39 UTC (permalink / raw
To: gentoo-commits
commit: 8d752c75f06d85b2eeceb3770f27484ca7bd2df1
Author: John Helmert III <ajak <AT> gentoo <DOT> org>
AuthorDate: Sun Oct 17 20:07:19 2021 +0000
Commit: John Helmert III <ajak <AT> gentoo <DOT> org>
CommitDate: Sun Oct 17 20:36:42 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d752c75
net-analyzer/cacti: drop 1.2.16-r1
Bug: https://bugs.gentoo.org/765022
Signed-off-by: John Helmert III <ajak <AT> gentoo.org>
net-analyzer/cacti/Manifest | 1 -
net-analyzer/cacti/cacti-1.2.16-r1.ebuild | 54 ----
.../cacti/files/cacti-1.2.16-CVE-2020-35701.patch | 29 --
.../cacti/files/cacti-1.2.16-XSS-issue-4019.patch | 360 ---------------------
4 files changed, 444 deletions(-)
diff --git a/net-analyzer/cacti/Manifest b/net-analyzer/cacti/Manifest
index 8d2399500a5..b8685c4f777 100644
--- a/net-analyzer/cacti/Manifest
+++ b/net-analyzer/cacti/Manifest
@@ -1,2 +1 @@
-DIST cacti-1.2.16.tar.gz 29197220 BLAKE2B 19939d0ff79c895b481aeb7ffec8331d8b9c10a6b7e0dbda6532e06ef0322f21cf02f4bf53a9522e1f672dd04b343f5550e2f34f08b3af2050e1f72465cffc43 SHA512 fe22acf4dea8ab6ec79825d66a84ad4c43fdce2815e7327536d182bc04400ed7b1d268209bbbca8b307c4779ee5bf7369a617ec1f052d8805757c2ca9b30cc35
DIST cacti-1.2.17.tar.gz 38344112 BLAKE2B e555fc99560d10e94181c38b50e6f839532fb3dc66ff688b36a7efd10c15304e7636c9b4b483763fcea751317bcb283bb2bd8f813d5759c98aed6bbf02fd256a SHA512 94ae75b2494a91c536906c7bbeaa948d16c7ad96ed3a62c1eb21175f92c01787c6849960bbc791e04b3df46edbfd3cd787eb825bb423ce0814c0904edb2c915d
diff --git a/net-analyzer/cacti/cacti-1.2.16-r1.ebuild b/net-analyzer/cacti/cacti-1.2.16-r1.ebuild
deleted file mode 100644
index 78185ebd73d..00000000000
--- a/net-analyzer/cacti/cacti-1.2.16-r1.ebuild
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit edos2unix webapp
-
-# Support for _p* in version.
-MY_P=${P/_p*/}
-
-DESCRIPTION="Cacti is a complete frontend to rrdtool"
-HOMEPAGE="https://www.cacti.net/"
-SRC_URI="https://www.cacti.net/downloads/${MY_P}.tar.gz"
-
-LICENSE="GPL-2"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ppc ~ppc64 sparc x86"
-IUSE="snmp doc"
-
-need_httpd
-
-RDEPEND="
- dev-lang/php[cli,mysql,pdo,session,sockets,xml]
- dev-php/adodb
- net-analyzer/rrdtool[graph]
- virtual/cron
- snmp? ( >=net-analyzer/net-snmp-5.2.0 )
-"
-
-PATCHES=(
- "${FILESDIR}/${P}-CVE-2020-35701.patch"
- "${FILESDIR}/${P}-XSS-issue-4019.patch"
-)
-
-src_compile() { :; }
-
-src_install() {
- dodoc CHANGELOG
- dodoc -r docs
- mv docs .. || die
-
- webapp_src_preinst
-
- edos2unix `find -type f -name '*.php'`
-
- dodir ${MY_HTDOCSDIR}
- cp -r . "${ED}"${MY_HTDOCSDIR}
-
- webapp_serverowned ${MY_HTDOCSDIR}/rra
- webapp_serverowned ${MY_HTDOCSDIR}/log
- webapp_configfile ${MY_HTDOCSDIR}/include/config.php
- webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
-
- webapp_src_install
-}
diff --git a/net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch b/net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch
deleted file mode 100644
index f55b7b0a40d..00000000000
--- a/net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-https://bugs.gentoo.org/765019
-https://github.com/Cacti/cacti/commit/565e0604a53f4988dc5b544d01f4a631eaa80d82
-
-From 565e0604a53f4988dc5b544d01f4a631eaa80d82 Mon Sep 17 00:00:00 2001
-From: TheWitness <thewitness@cacti.net>
-Date: Thu, 24 Dec 2020 10:39:50 -0500
-Subject: [PATCH] Fixing Issue #4022
-
-SQL Injection in data_debug.php
---- a/data_debug.php
-+++ b/data_debug.php
-@@ -35,6 +35,8 @@
-
- set_default_action();
-
-+validate_request_vars();
-+
- switch (get_request_var('action')) {
- case 'actions':
- form_actions();
-@@ -123,8 +125,6 @@
-
- break;
- default:
-- validate_request_vars();
--
- $refresh = array(
- 'seconds' => get_request_var('refresh'),
- 'page' => 'data_debug.php?header=false',
diff --git a/net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch b/net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch
deleted file mode 100644
index 1f09e572c86..00000000000
--- a/net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch
+++ /dev/null
@@ -1,360 +0,0 @@
-https://github.com/Cacti/cacti/issues/4019
-
-From ef10fe1c340ed932dc18b6a566b21f9dd15933c2 Mon Sep 17 00:00:00 2001
-From: TheWitness <thewitness@cacti.net>
-Date: Wed, 23 Dec 2020 16:33:27 -0500
-Subject: [PATCH] Fixing Issue #4019
-
-* In a recent audit of core Cacti code, there were a few stored XSS issues that can be exposed
-* Also removed a few spurious title_trims, that should no longer be a problem.
---- a/automation_devices.php
-+++ b/automation_devices.php
-@@ -485,7 +485,7 @@ function draw_filter() {
- <?php
- if (cacti_sizeof($networks)) {
- foreach ($networks as $key => $name) {
-- print "<option value='" . $key . "'"; if (get_request_var('network') == $key) { print ' selected'; } print '>' . $name . "</option>";
-+ print "<option value='" . html_escape($key) . "'"; if (get_request_var('network') == $key) { print ' selected'; } print '>' . html_escape($name) . "</option>";
- }
- }
- ?>
-@@ -515,7 +515,7 @@ function draw_filter() {
- <?php
- if (cacti_sizeof($status_arr)) {
- foreach ($status_arr as $st) {
-- print "<option value='" . $st . "'"; if (get_request_var('status') == $st) { print ' selected'; } print '>' . $st . "</option>";
-+ print "<option value='" . html_escape($st) . "'"; if (get_request_var('status') == $st) { print ' selected'; } print '>' . html_escape($st) . "</option>";
- }
- }
- ?>
-@@ -530,7 +530,7 @@ function draw_filter() {
- <?php
- if (cacti_sizeof($os_arr)) {
- foreach ($os_arr as $st) {
-- print "<option value='" . $st . "'"; if (get_request_var('os') == $st) { print ' selected'; } print '>' . $st . "</option>";
-+ print "<option value='" . html_escape($st) . "'"; if (get_request_var('os') == $st) { print ' selected'; } print '>' . html_escape($st) . "</option>";
- }
- }
- ?>
-@@ -545,7 +545,7 @@ function draw_filter() {
- <?php
- if (cacti_sizeof($status_arr)) {
- foreach ($status_arr as $st) {
-- print "<option value='" . $st . "'"; if (get_request_var('snmp') == $st) { print ' selected'; } print '>' . $st . "</option>";
-+ print "<option value='" . html_escape($st) . "'"; if (get_request_var('snmp') == $st) { print ' selected'; } print '>' . html_escape($st) . "</option>";
- }
- }
- ?>
-@@ -560,7 +560,7 @@ function draw_filter() {
- <?php
- if (cacti_sizeof($item_rows) > 0) {
- foreach ($item_rows as $key => $value) {
-- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . "</option>";
-+ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>";
- }
- }
- ?>
---- a/data_debug.php
-+++ b/data_debug.php
-@@ -969,7 +969,7 @@ function data_debug_filter() {
-
- if (cacti_sizeof($templates) > 0) {
- foreach ($templates as $template) {
-- print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim(html_escape($template['name']), 40) . "</option>";
-+ print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>';
- }
- }
- ?>
-@@ -997,7 +997,7 @@ function data_debug_filter() {
- $profiles = array_rekey(db_fetch_assoc('SELECT id, name FROM data_source_profiles ORDER BY name'), 'id', 'name');
- if (cacti_sizeof($profiles)) {
- foreach ($profiles as $key => $value) {
-- print "<option value='" . $key . "'"; if (get_request_var('profile') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>";
-+ print "<option value='" . $key . "'"; if (get_request_var('profile') == $key) { print ' selected'; } print '>' . html_escape($value) . '</option>';
- }
- }
- ?>
-@@ -1063,7 +1063,7 @@ function data_debug_filter() {
- <?php
- if (cacti_sizeof($item_rows) > 0) {
- foreach ($item_rows as $key => $value) {
-- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>";
-+ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . '</option>';
- }
- }
- ?>
---- a/data_sources.php
-+++ b/data_sources.php
-@@ -1361,7 +1361,7 @@ function clearFilter() {
-
- if (cacti_sizeof($templates)) {
- foreach ($templates as $template) {
-- print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim(html_escape($template['name']), 40) . '</option>';
-+ print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>';
- }
- }
- ?>
---- a/lib/api_automation.php
-+++ b/lib/api_automation.php
-@@ -154,7 +154,7 @@ function clearDeviceFilter() {
-
- if (cacti_sizeof($host_templates)) {
- foreach ($host_templates as $host_template) {
-- print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . $host_template['name'] . "</option>\n";
-+ print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . html_escape($host_template['name']) . '</option>';
- }
- }
- ?>
-@@ -184,7 +184,7 @@ function clearDeviceFilter() {
- <?php
- if (cacti_sizeof($item_rows)) {
- foreach ($item_rows as $key => $value) {
-- print "<option value='". $key . "'"; if (get_request_var('rowsd') == $key) { print ' selected'; } print '>' . $value . '</option>\n';
-+ print "<option value='". $key . "'"; if (get_request_var('rowsd') == $key) { print ' selected'; } print '>' . $value . '</option>';
- }
- }
- ?>
-@@ -432,7 +432,7 @@ function clearFilter() {
- $hosts = get_allowed_devices();
- if (cacti_sizeof($hosts)) {
- foreach ($hosts as $host) {
-- print "<option value='" . $host['id'] . "'"; if (get_request_var('host_id') == $host['id']) { print ' selected'; } print '>' . html_escape($host['description']) . "</option>\n";
-+ print "<option value='" . $host['id'] . "'"; if (get_request_var('host_id') == $host['id']) { print ' selected'; } print '>' . html_escape($host['description']) . '</option>';
- }
- }
- ?>
-@@ -453,7 +453,7 @@ function clearFilter() {
-
- if (cacti_sizeof($templates) > 0) {
- foreach ($templates as $template) {
-- print "<option value=' " . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim($template['name'], 40) . "</option>\n";
-+ print "<option value=' " . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>';
- }
- }
- ?>
-@@ -484,7 +484,7 @@ function clearFilter() {
- <?php
- if (cacti_sizeof($item_rows)) {
- foreach ($item_rows as $key => $value) {
-- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . "</option>\n";
-+ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>';
- }
- }
- ?>
-@@ -718,7 +718,7 @@ function clearObjectFilter() {
- <?php
- if (cacti_sizeof($item_rows)) {
- foreach ($item_rows as $key => $value) {
-- print "<option value='". $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>\n';
-+ print "<option value='". $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>';
- }
- }
- ?>
-@@ -1078,10 +1078,10 @@ function clearFilter() {
- <?php
- $host_templates = db_fetch_assoc('select id,name from host_template order by name');
-
-- if (cacti_sizeof($host_templates) > 0) {
-- foreach ($host_templates as $host_template) {
-- print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . $host_template['name'] . "</option>\n";
-- }
-+ if (cacti_sizeof($host_templates)) {
-+ foreach ($host_templates as $host_template) {
-+ print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . html_escape($host_template['name']) . '</option>';
-+ }
- }
- ?>
- </select>
-@@ -1110,7 +1110,7 @@ function clearFilter() {
- <?php
- if (cacti_sizeof($item_rows)) {
- foreach ($item_rows as $key => $value) {
-- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . "</option>\n";
-+ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>';
- }
- }
- ?>
---- a/lib/html.php
-+++ b/lib/html.php
-@@ -998,7 +998,7 @@ function html_create_list($form_data, $column_display, $column_id, $form_previou
- print ' selected';
- }
-
-- print '>' . title_trim(null_out_substitutions(html_escape($form_data[$id])), 75) . '</option>';
-+ print '>' . html_escape(null_out_substitutions($form_data[$id])) . '</option>';
- }
- }
- } else {
-@@ -1011,9 +1011,9 @@ function html_create_list($form_data, $column_display, $column_id, $form_previou
- }
-
- if (isset($row['host_id'])) {
-- print '>' . title_trim(html_escape($row[$column_display]), 75) . '</option>';
-+ print '>' . html_escape($row[$column_display]) . '</option>';
- } else {
-- print '>' . title_trim(null_out_substitutions(html_escape($row[$column_display])), 75) . '</option>';
-+ print '>' . html_escape(null_out_substitutions($row[$column_display])) . '</option>';
- }
- }
- }
-@@ -2010,7 +2010,7 @@ function html_host_filter($host_id = '-1', $call_back = 'applyFilter', $sql_wher
-
- if (cacti_sizeof($devices)) {
- foreach ($devices as $device) {
-- print "<option value='" . $device['id'] . "'"; if ($host_id == $device['id']) { print ' selected'; } print '>' . title_trim(html_escape(strip_domain($device['description'])), 40) . '</option>';
-+ print "<option value='" . $device['id'] . "'"; if ($host_id == $device['id']) { print ' selected'; } print '>' . html_escape(strip_domain($device['description'])) . '</option>';
- }
- }
- ?>
-@@ -2385,6 +2385,7 @@ function html_common_header($title, $selectedTheme = '') {
- <meta name='apple-mobile-web-app-capable' content='yes'>
- <meta name='description' content='Monitoring tool of the Internet'>
- <meta name='mobile-web-app-capable' content='yes'>
-+ <meta name="theme-color" content="#161616"/>
- <meta http-equiv="Content-Security-Policy" content="default-src *; img-src 'self' <?php print $alternates;?> data: blob:; style-src 'self' 'unsafe-inline' <?php print $alternates;?>; script-src 'self' <?php print $script_policy;?> 'unsafe-inline' <?php print $alternates;?>; worker-src 'self'">
- <meta name='robots' content='noindex,nofollow'>
- <title><?php print $title; ?></title>
---- a/lib/html_graph.php
-+++ b/lib/html_graph.php
-@@ -212,9 +212,9 @@ function html_graph_preview_filter($page, $action, $devices_where = '', $templat
- <select id='graphs' onChange='applyGraphFilter()'>
- <?php
- if (cacti_sizeof($graphs_per_page)) {
-- foreach ($graphs_per_page as $key => $value) {
-- print "<option value='" . $key . "'"; if (get_request_var('graphs') == $key) { print ' selected'; } print '>' . $value . "</option>\n";
-- }
-+ foreach ($graphs_per_page as $key => $value) {
-+ print "<option value='" . $key . "'"; if (get_request_var('graphs') == $key) { print ' selected'; } print '>' . $value . "</option>\n";
-+ }
- }
- ?>
- </select>
-@@ -260,7 +260,7 @@ function html_graph_preview_filter($page, $action, $devices_where = '', $templat
-
- if (cacti_sizeof($graph_timespans)) {
- foreach($graph_timespans as $value => $text) {
-- print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . $text . "</option>\n";
-+ print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . html_escape($text) . '</option>';
- }
- }
- ?>
-@@ -293,7 +293,7 @@ function html_graph_preview_filter($page, $action, $devices_where = '', $templat
- $end_val = cacti_sizeof($graph_timeshifts)+1;
- if (cacti_sizeof($graph_timeshifts) > 0) {
- for ($shift_value=$start_val; $shift_value < $end_val; $shift_value++) {
-- print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . title_trim($graph_timeshifts[$shift_value], 40) . "</option>\n";
-+ print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . html_escape($graph_timeshifts[$shift_value]) . '</option>';
- }
- }
- ?>
---- a/lib/html_tree.php
-+++ b/lib/html_tree.php
-@@ -1138,7 +1138,7 @@ function grow_right_pane_tree($tree_id, $leaf_id, $host_group_data) {
-
- if (cacti_sizeof($graph_timespans)) {
- foreach($graph_timespans as $value => $text) {
-- print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . $text . '</option>';
-+ print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . html_escape($text) . '</option>';
- }
- }
- ?>
-@@ -1171,7 +1171,7 @@ function grow_right_pane_tree($tree_id, $leaf_id, $host_group_data) {
- $end_val = cacti_sizeof($graph_timeshifts)+1;
- if (cacti_sizeof($graph_timeshifts)) {
- for ($shift_value=$start_val; $shift_value < $end_val; $shift_value++) {
-- print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . title_trim($graph_timeshifts[$shift_value], 40) . '</option>';
-+ print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . html_escape($graph_timeshifts[$shift_value]) . '</option>';
- }
- }
- ?>
---- a/managers.php
-+++ b/managers.php
-@@ -483,7 +483,7 @@ function clearFilter() {
- <?php
- if (cacti_sizeof($mibs)) {
- foreach ($mibs as $mib) {
-- print "<option value='" . $mib['mib'] . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . $mib['mib'] . '</option>';
-+ print "<option value='" . html_escape($mib['mib']) . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . html_escape($mib['mib']) . '</option>';
- }
- }
- ?>
---- a/utilities.php
-+++ b/utilities.php
-@@ -812,7 +812,7 @@ function applyFilter() {
-
- if (cacti_sizeof($users)) {
- foreach ($users as $user) {
-- print "<option value='" . $user['username'] . "'"; if (get_request_var('username') == $user['username']) { print ' selected'; } print '>' . $user['username'] . '</option>';
-+ print "<option value='" . html_escape($user['username']) . "'"; if (get_request_var('username') == $user['username']) { print ' selected'; } print '>' . html_escape($user['username']) . '</option>';
- }
- }
- ?>
-@@ -1034,19 +1034,19 @@ function utilities_view_logfile() {
-
- $logfile = basename(get_nfilter_request_var('filename'));
- $logbase = basename(read_config_option('path_cactilog'));
--
-+
- if ($logfile == '') {
- $logfile = $logbase;
- }
--
-+
- if ($logfile == '') {
- $logfile = 'cacti.log';
- }
--
-+
- $logname = '';
- $logpath = '';
-
-- if (!clog_validate_filename($logfile, $logpath, $logname, true)) {
-+ if (!clog_validate_filename($logfile, $logpath, $logname, true)) {
- raise_message('clog_invalid');
- header('Location: utilities.php?action=view_logfile&filename=' . $logbase);
- exit(0);
-@@ -1171,7 +1171,7 @@ function clearFilter() {
-
- if (cacti_sizeof($logFileArray)) {
- foreach ($logFileArray as $logFile) {
-- print "<option value='" . $logFile . "'";
-+ print "<option value='" . html_escape($logFile) . "'";
-
- if (get_nfilter_request_var('filename') == $logFile) {
- print ' selected';
-@@ -1182,7 +1182,7 @@ function clearFilter() {
- $logDate = cacti_count($logParts) < 2 ? '' : $logParts[1] . (isset($logParts[2]) ? '-' . $logParts[2]:'');
- $logName = $logParts[0];
-
-- print '>' . $logName . ($logDate != '' ? ' [' . substr($logDate,4) . ']':'') . '</option>';
-+ print '>' . html_escape($logName . ($logDate != '' ? ' [' . substr($logDate,4) . ']':'')) . '</option>';
- }
- }
- ?>
-@@ -1807,7 +1807,7 @@ function clearFilter() {
-
- if (cacti_sizeof($templates)) {
- foreach ($templates as $template) {
-- print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim(html_escape($template['name']), 40) . '</option>';
-+ print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>';
- }
- }
- ?>
-@@ -2540,7 +2540,7 @@ function clearFilter() {
- <?php
- if (cacti_sizeof($mibs) > 0) {
- foreach ($mibs as $mib) {
-- print "<option value='" . $mib['mib'] . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . html_escape($mib['mib']) . '</option>';
-+ print "<option value='" . html_escape($mib['mib']) . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . html_escape($mib['mib']) . '</option>';
- }
- }
- ?>
-@@ -2804,7 +2804,7 @@ function purgeFilter() {
- <option value='-1'<?php if (get_request_var('receiver') == '-1') {?> selected<?php }?>><?php print __('Any');?></option>
- <?php
- foreach ($receivers as $receiver) {
-- print "<option value='" . $receiver['manager_id'] . "'"; if (get_request_var('receiver') == $receiver['manager_id']) { print ' selected'; } print '>' . $receiver['hostname'] . '</option>';
-+ print "<option value='" . $receiver['manager_id'] . "'"; if (get_request_var('receiver') == $receiver['manager_id']) { print ' selected'; } print '>' . html_escape($receiver['hostname']) . '</option>';
- }
- ?>
- </select>
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-10-17 20:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-10-17 20:39 [gentoo-commits] repo/gentoo:master commit in: net-analyzer/cacti/, net-analyzer/cacti/files/ John Helmert III
-- strict thread matches above, loose matches on Subject: below --
2016-02-02 5:11 Jeroen Roovers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox