* [gentoo-commits] repo/gentoo:master commit in: net-nds/phpldapadmin/files/
@ 2017-01-29 17:41 99% Michael Palimaka
0 siblings, 0 replies; 1+ results
From: Michael Palimaka @ 2017-01-29 17:41 UTC (permalink / raw
To: gentoo-commits
commit: 09a069f6ee2dd1e495a5cbf236d0607c66f997a3
Author: Michael Mair-Keimberger (asterix) <m.mairkeimberger <AT> gmail <DOT> com>
AuthorDate: Fri Jan 27 15:29:20 2017 +0000
Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org>
CommitDate: Sun Jan 29 17:41:35 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09a069f6
net-nds/phpldapadmin: remove unused patches
.../phpldapadmin-1.2.1.1-fix-cmd-exploit.patch | 27 -----------------
...hpldapadmin-1.2.1.1-fix-functions-exploit.patch | 28 ------------------
.../files/phpldapadmin-1.2.2-base.patch | 34 ----------------------
3 files changed, 89 deletions(-)
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch
deleted file mode 100644
index b5ae92d..00000000
--- a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 64668e882b8866fae0fa1b25375d1a2f3b4672e2 Mon Sep 17 00:00:00 2001
-From: Deon George <wurley@users.sf.net>
-Date: Wed, 27 Jul 2011 07:30:06 +1000
-Subject: [PATCH] Remove XSS vulnerabilty in debug code
-
----
- htdocs/cmd.php | 4 ----
- 1 files changed, 0 insertions(+), 4 deletions(-)
-
-diff --git a/htdocs/cmd.php b/htdocs/cmd.php
-index 34f3848..0ddf004 100644
---- a/htdocs/cmd.php
-+++ b/htdocs/cmd.php
-@@ -19,10 +19,6 @@ $www['meth'] = get_request('meth','REQUEST');
- ob_start();
-
- switch ($www['cmd']) {
-- case '_debug':
-- debug_dump($_REQUEST,1);
-- break;
--
- default:
- if (defined('HOOKSDIR') && file_exists(HOOKSDIR.$www['cmd'].'.php'))
- $app['script_cmd'] = HOOKSDIR.$www['cmd'].'.php';
---
-1.7.4.1
-
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch
deleted file mode 100644
index bc18b45..00000000
--- a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 76e6dad13ef77c5448b8dfed1a61e4acc7241165 Mon Sep 17 00:00:00 2001
-From: Deon George <wurley@users.sf.net>
-Date: Thu, 6 Oct 2011 09:03:20 +1100
-Subject: [PATCH] SF Bug #3417184 - PHP Code Injection Vulnerability
-
----
- lib/functions.php | 5 +++--
- 1 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/lib/functions.php b/lib/functions.php
-index 19fde99..eb160dc 100644
---- a/lib/functions.php
-+++ b/lib/functions.php
-@@ -1003,8 +1003,9 @@ function masort(&$data,$sortby,$rev=0) {
- if (defined('DEBUG_ENABLED') && DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
- debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
-
-- # if the array to sort is null or empty
-- if (! $data) return;
-+ # if the array to sort is null or empty, or if we have some nasty chars
-+ if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)
-+ return;
-
- static $CACHE = array();
-
---
-1.7.4.1
-
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch
deleted file mode 100644
index bff3c62..00000000
--- a/net-nds/phpldapadmin/files/phpldapadmin-1.2.2-base.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 7dc8d57d6952fe681cb9e8818df7f103220457bd Mon Sep 17 00:00:00 2001
-From: Deon George <wurley@users.sf.net>
-Date: Tue, 24 Jan 2012 12:37:28 +1100
-Subject: [PATCH] SF Bug #3477910 - XSS vulnerability in query
-
----
- lib/QueryRender.php | 4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/lib/QueryRender.php b/lib/QueryRender.php
-index 291ec40..685f3ba 100644
---- a/lib/QueryRender.php
-+++ b/lib/QueryRender.php
-@@ -497,7 +497,7 @@ class QueryRender extends PageRender {
- $this->getAjaxRef($base),
- $this->getAjaxRef($base),
- ($show == $this->getAjaxRef($base) ? '#F0F0F0' : '#E0E0E0'),
-- $base);
-+ htmlspecialchars($base));
- }
- echo '</tr>';
- echo '</table>';
-@@ -545,7 +545,7 @@ class QueryRender extends PageRender {
- echo ' ]</small>';
-
- echo '<br />';
-- printf('<small>%s: <b>%s</b></small>',_('Base DN'),$base);
-+ printf('<small>%s: <b>%s</b></small>',_('Base DN'),htmlspecialchars($base));
-
- echo '<br />';
- printf('<small>%s: <b>%s</b></small>',_('Filter performed'),htmlspecialchars($this->template->resultsdata[$base]['filter']));
---
-1.7.4.1
-
^ permalink raw reply related [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2017-01-29 17:41 99% [gentoo-commits] repo/gentoo:master commit in: net-nds/phpldapadmin/files/ Michael Palimaka
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox