diff options
| author | Krzysztof <ports@bsdserwis.com> | 2023-07-04 06:10:46 +0000 |
|---|---|---|
| committer | Fernando ApesteguĂa <fernape@FreeBSD.org> | 2023-07-04 15:15:34 +0000 |
| commit | 61cfb3cbfa0279361042afb790b5722a1a88fd04 (patch) | |
| tree | 3d21b48393a55c56af6aaef0c1254f5a215ad009 | |
| parent | a65fea8040f28079ff393fe71e2eed7efe05b720 (diff) | |
| download | ports-61cfb3cbfa0279361042afb790b5722a1a88fd04.tar.gz ports-61cfb3cbfa0279361042afb790b5722a1a88fd04.zip | |
net/phpldapadmin: update to 1.2.6.6
ChangeLog: https://github.com/leenooks/phpLDAPadmin/compare/1.2.6.5...1.2.6.6
Another fix for CVE-2020-35132.
PR: 272348
Reported by: ports@bsdserwis.com (maintainer)
MFH: 2023Q3 (security fix)
Security: CVE-2020-35132
| -rw-r--r-- | net/phpldapadmin/Makefile | 2 | ||||
| -rw-r--r-- | net/phpldapadmin/distinfo | 6 | ||||
| -rw-r--r-- | net/phpldapadmin/files/patch-lib_import__functions.php | 79 |
3 files changed, 83 insertions, 4 deletions
diff --git a/net/phpldapadmin/Makefile b/net/phpldapadmin/Makefile index 20ddb167b609..046e144d3cae 100644 --- a/net/phpldapadmin/Makefile +++ b/net/phpldapadmin/Makefile @@ -1,5 +1,5 @@ PORTNAME= phpldapadmin -PORTVERSION= 1.2.6.5 +DISTVERSION= 1.2.6.6 CATEGORIES= net www PKGNAMESUFFIX= ${PHP_PKGNAMESUFFIX} diff --git a/net/phpldapadmin/distinfo b/net/phpldapadmin/distinfo index dd8beb5b6259..68ac35333cef 100644 --- a/net/phpldapadmin/distinfo +++ b/net/phpldapadmin/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1676551762 -SHA256 (leenooks-phpLDAPadmin-1.2.6.5_GH0.tar.gz) = 882a508029cfa0e42a3a6700f1548b477b135ecb2d4fef9bf63ea8d781ea22c1 -SIZE (leenooks-phpLDAPadmin-1.2.6.5_GH0.tar.gz) = 1132582 +TIMESTAMP = 1688152341 +SHA256 (leenooks-phpLDAPadmin-1.2.6.6_GH0.tar.gz) = 7a8c02a611e60aa6713d1cf863dfac9637e23c3f4d401ea5e47dbe2b22d4895a +SIZE (leenooks-phpLDAPadmin-1.2.6.6_GH0.tar.gz) = 1132820 diff --git a/net/phpldapadmin/files/patch-lib_import__functions.php b/net/phpldapadmin/files/patch-lib_import__functions.php new file mode 100644 index 000000000000..af887114593e --- /dev/null +++ b/net/phpldapadmin/files/patch-lib_import__functions.php @@ -0,0 +1,79 @@ +--- lib/import_functions.php.orig 2023-04-01 13:46:16 UTC ++++ lib/import_functions.php +@@ -255,7 +255,7 @@ class ImportLDIF extends Import { + if (substr($value,0,1) == ':') + $value = base64_decode(trim(substr($value,1))); + else +- $value = trim($value); ++ $value = trim((string) $value); + + return array($attr,$value); + } +@@ -271,7 +271,7 @@ class ImportLDIF extends Import { + + if ($this->hasMoreEntries() && ! $this->eof()) { + # The first line is the DN one +- $current[0]= trim($this->_currentLine); ++ $current[0]= trim((string) $this->_currentLine); + + # While we end on a blank line, fetch the attribute lines + $count = 0; +@@ -282,11 +282,11 @@ class ImportLDIF extends Import { + /* If the next line begin with a space, we append it to the current row + * else we push it into the array (unwrap)*/ + if ($this->isWrappedLine()) +- $current[$count] .= trim($this->_currentLine); ++ $current[$count] .= trim((string) $this->_currentLine); + elseif ($this->isCommentLine()) {} + # Do nothing + elseif (! $this->isBlankLine()) +- $current[++$count] = trim($this->_currentLine); ++ $current[++$count] = trim((string) $this->_currentLine); + else + $endEntryFound = true; + } +@@ -336,7 +336,7 @@ class ImportLDIF extends Import { + * @return boolean true if it's a comment line,false otherwise + */ + private function isCommentLine() { +- return substr(trim($this->_currentLine),0,1) == '#' ? true : false; ++ return substr(trim((string) $this->_currentLine),0,1) == '#' ? true : false; + } + + /** +@@ -354,7 +354,7 @@ class ImportLDIF extends Import { + * @return boolean if it is a blank line,false otherwise. + */ + private function isBlankLine() { +- return(trim($this->_currentLine) == '') ? true : false; ++ return(trim((string) $this->_currentLine) == '') ? true : false; + } + + /** +@@ -386,7 +386,7 @@ class ImportLDIF extends Import { + $url = trim(substr($value,1)); + + if (preg_match('^file://',$url)) { +- $filename = substr(trim($url),7); ++ $filename = substr(trim((string) $url),7); + + if ($fh = @fopen($filename,'rb')) { + if (! $return = @fread($fh,filesize($filename))) +@@ -480,7 +480,7 @@ class ImportLDIF extends Import { + # Fetch the attribute for the following line + $currentLine = array_shift($lines); + +- while ($processline && trim($currentLine) && (trim($currentLine) != '-')) { ++ while ($processline && trim((string) $currentLine) && (trim((string) $currentLine) != '-')) { + $processline = false; + + # If there is a valid line +@@ -541,7 +541,7 @@ class ImportLDIF extends Import { + array_merge(array($currentLine),$lines)); + + $currentLine = array_shift($lines); +- if (trim($currentLine)) ++ if (trim((string) $currentLine)) + $processline = true; + } + |