diff options
| author | Xin LI <delphij@FreeBSD.org> | 2012-07-18 20:15:16 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2012-07-18 20:15:16 +0000 |
| commit | b7214772a99424f4df9507c0e766c9d3c137e53a (patch) | |
| tree | 953b466d90fc0281c729d11b5076d779e5a3c718 /www/dokuwiki | |
| parent | b57c037e9dab1b6bf24093f7d639951a9ff546d8 (diff) | |
| download | ports-b7214772a99424f4df9507c0e766c9d3c137e53a.tar.gz ports-b7214772a99424f4df9507c0e766c9d3c137e53a.zip | |
Update to 2012-01-25b, fixes a XSS vulnerability.
Security: 2fe4b57f-d110-11e1-ac76-10bf48230856
Notes
Notes:
svn path=/head/; revision=301120
Diffstat (limited to 'www/dokuwiki')
| -rw-r--r-- | www/dokuwiki/Makefile | 2 | ||||
| -rw-r--r-- | www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b | 50 |
2 files changed, 51 insertions, 1 deletions
diff --git a/www/dokuwiki/Makefile b/www/dokuwiki/Makefile index 26bf28d09803..2705d216dc68 100644 --- a/www/dokuwiki/Makefile +++ b/www/dokuwiki/Makefile @@ -7,7 +7,7 @@ PORTNAME= dokuwiki PORTVERSION= ${DIST_VER:S/${PORTNAME}//:S/-//g} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= http://www.splitbrain.org/_media/projects/dokuwiki/ \ LOCAL/chinsan/${PORTNAME} diff --git a/www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b b/www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b new file mode 100644 index 000000000000..78ae1bd95a27 --- /dev/null +++ b/www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b @@ -0,0 +1,50 @@ +diff -ur ./VERSION ./VERSION +--- ./VERSION 2012-04-19 03:12:33.000000000 -0700 ++++ ./VERSION 2012-07-13 04:13:57.000000000 -0700 +@@ -1 +1 @@ +-2012-01-25a "Angua" ++2012-01-25b "Angua" +diff -ur ./doku.php ./doku.php +--- ./doku.php 2012-04-19 03:12:33.000000000 -0700 ++++ ./doku.php 2012-07-13 04:13:57.000000000 -0700 +@@ -7,7 +7,7 @@ + */ + + // update message version +-$updateVersion = 36.1; ++$updateVersion = 36.2; + + // xdebug_start_profiling(); + +diff -ur ./inc/template.php ./inc/template.php +--- ./inc/template.php 2012-04-19 03:09:54.000000000 -0700 ++++ ./inc/template.php 2012-07-13 04:13:57.000000000 -0700 +@@ -1151,7 +1151,7 @@ + echo '<div class="panelHeader">'.NL; + echo '<h3>'; + $tabTitle = ($NS) ? $NS : '['.$lang['mediaroot'].']'; +- printf($lang['media_' . $opened_tab], '<strong>'.$tabTitle.'</strong>'); ++ printf($lang['media_' . $opened_tab], '<strong>'.hsc($tabTitle).'</strong>'); + echo '</h3>'.NL; + if ($opened_tab === 'search' || $opened_tab === 'files') { + media_tab_files_options(); +diff -ur ./lib/exe/ajax.php ./lib/exe/ajax.php +--- ./lib/exe/ajax.php 2012-04-19 03:09:54.000000000 -0700 ++++ ./lib/exe/ajax.php 2012-07-13 04:13:57.000000000 -0700 +@@ -13,7 +13,6 @@ + + header('Content-Type: text/html; charset=utf-8'); + +- + //call the requested function + if(isset($_POST['call'])){ + $call = $_POST['call']; +@@ -204,7 +203,7 @@ + global $conf; + global $NS; + +- $NS = $_POST['ns']; ++ $NS = cleanID($_POST['ns']); + if ($_POST['do'] == 'media') { + tpl_mediaFileList(); + } else { |