rpms/mantis/FC-4 mantis-0.19.5-unreleased.patch, NONE, 1.1 mantis.spec, 1.8, 1.9
Gianluca Sforna (giallu)
fedora-extras-commits at redhat.com
Fri Oct 20 23:56:51 UTC 2006
Author: giallu
Update of /cvs/extras/rpms/mantis/FC-4
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32077
Modified Files:
mantis.spec
Added Files:
mantis-0.19.5-unreleased.patch
Log Message:
Add unreleased security patches from upstream CVS
mantis-0.19.5-unreleased.patch:
--- NEW FILE mantis-0.19.5-unreleased.patch ---
? mantis-0.19.5-unreleased.patch
Index: bug_view_advanced_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/bug_view_advanced_page.php,v
retrieving revision 1.67
retrieving revision 1.67.6.1
diff -u -r1.67 -r1.67.6.1
--- bug_view_advanced_page.php 25 Oct 2004 19:59:12 -0000 1.67
+++ bug_view_advanced_page.php 1 Jan 2006 04:29:49 -0000 1.67.6.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: bug_view_advanced_page.php,v 1.67 2004/10/25 19:59:12 marcelloscata Exp $
+ # $Id: bug_view_advanced_page.php,v 1.67.6.1 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
require_once( 'core.php' );
@@ -136,7 +136,7 @@
<!-- Category -->
<td>
<?php
- $t_project_name = project_get_field( $t_bug->project_id, 'name' );
+ $t_project_name = string_display( project_get_field( $t_bug->project_id, 'name' ) );
echo "[$t_project_name] $t_bug->category";
?>
</td>
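Review bot: Only the project name is routed through string_display() on the changed line; `$t_bug->category` in the echo on the line after it is still interpolated into the HTML untouched, so the expression is only half escaped. If the category is user-entered like the project name (it comes from the bug row, which is not visible here), the echo should escape both parts, e.g. `echo '[' . $t_project_name . '] ' . string_display( $t_bug->category );`. The identical hunk in bug_view_page.php has the same gap.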
Index: bug_view_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/bug_view_page.php,v
retrieving revision 1.70
retrieving revision 1.70.6.1
diff -u -r1.70 -r1.70.6.1
--- bug_view_page.php 17 Oct 2004 00:14:27 -0000 1.70
+++ bug_view_page.php 1 Jan 2006 04:29:49 -0000 1.70.6.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: bug_view_page.php,v 1.70 2004/10/17 00:14:27 thraxisp Exp $
+ # $Id: bug_view_page.php,v 1.70.6.1 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
?>
<?php
@@ -138,7 +138,7 @@
<!-- Category -->
<td>
<?php
- $t_project_name = project_get_field( $t_bug->project_id, 'name' );
+ $t_project_name = string_display( project_get_field( $t_bug->project_id, 'name' ) );
echo "[$t_project_name] $t_bug->category";
?>
</td>
Index: changelog_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/changelog_page.php,v
retrieving revision 1.9
retrieving revision 1.9.6.1
diff -u -r1.9 -r1.9.6.1
--- changelog_page.php 25 Oct 2004 19:51:02 -0000 1.9
+++ changelog_page.php 1 Jan 2006 04:29:49 -0000 1.9.6.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: changelog_page.php,v 1.9 2004/10/25 19:51:02 marcelloscata Exp $
+ # $Id: changelog_page.php,v 1.9.6.1 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
require_once( 'core.php' );
@@ -21,7 +21,7 @@
$t_version_name = version_get_field( $p_version_id, 'version' );
$t_project_name = project_get_field( $t_project_id, 'name' );
- $t_release_title = $t_project_name . ' - ' . $t_version_name;
+ $t_release_title = string_display( $t_project_name ) . ' - ' . string_display( $t_version_name );
echo $t_release_title, '<br />';
echo str_pad( '', strlen( $t_release_title ), '=' ), '<br />';
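Review bot: `strlen( $t_release_title )` on the last line now measures the entity-encoded title, so the `=` underline grows by the width of every expansion string_display() introduces for `&`, `<` or `>` in a project or version name. Keep the raw concatenation for measuring and the escaped one for output, e.g. `$t_raw_title = $t_project_name . ' - ' . $t_version_name;` and `echo str_pad( '', strlen( $t_raw_title ), '=' ), '<br />';`. Cosmetic only, but visible on any name containing those characters.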
@@ -56,7 +56,7 @@
$t_version_rows = version_get_all_rows( $f_project_id );
- echo '<br /><span class="pagetitle">', $t_project_name, ' - ', lang_get( 'changelog' ), '</span><br /><br />';
+ echo '<br /><span class="pagetitle">', string_display( $t_project_name ), ' - ', lang_get( 'changelog' ), '</span><br /><br />';
echo '<tt>';
$i = 0;
Index: manage_proj_create.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_proj_create.php,v
retrieving revision 1.6
retrieving revision 1.6.4.1
diff -u -r1.6 -r1.6.4.1
--- manage_proj_create.php 1 Dec 2004 12:45:22 -0000 1.6
+++ manage_proj_create.php 1 Jan 2006 04:29:49 -0000 1.6.4.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: manage_proj_create.php,v 1.6 2004/12/01 12:45:22 vboctor Exp $
+ # $Id: manage_proj_create.php,v 1.6.4.1 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
?>
<?php require_once( 'core.php' ) ?>
@@ -19,7 +19,7 @@
$f_status = gpc_get_int( 'status' );
$f_file_path = gpc_get_string( 'file_path', '' );
- $t_project_id = project_create( $f_name, $f_description, $f_status, $f_view_state, $f_file_path );
+ $t_project_id = project_create( string_strip_tags( $f_name ), $f_description, $f_status, $f_view_state, $f_file_path );
if ( ( $f_view_state == VS_PRIVATE ) && ( false === current_user_is_administrator() ) ) {
$t_access_level = access_get_global_level();
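Review bot: string_strip_tags() is applied to `$f_name` only; `$f_description` and `$f_file_path` reach project_create() exactly as before, so whether they need the same treatment depends on how they are rendered later, which this hunk does not show. Stripping on input is also lossy — a legitimate name such as `a < b` is altered — and does not make the stored value safe for output, because string_strip_tags() decodes `&lt;`/`&gt;` entities after removing tags; the display-side string_display() calls added elsewhere in this patch are the real protection. I would record that intent next to the call: `# tags are stripped here for tidiness only; every display path must still pass the name through string_display()`. The same input-side stripping is added in the query_store.php and query_store_page.php hunks.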
Index: manage_user_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/manage_user_page.php,v
retrieving revision 1.56.4.1
retrieving revision 1.56.4.2
diff -u -r1.56.4.1 -r1.56.4.2
--- manage_user_page.php 5 Dec 2005 10:49:06 -0000 1.56.4.1
+++ manage_user_page.php 5 Jan 2006 03:57:56 -0000 1.56.4.2
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: manage_user_page.php,v 1.56.4.1 2005/12/05 10:49:06 vboctor Exp $
+ # $Id: manage_user_page.php,v 1.56.4.2 2006/01/05 03:57:56 thraxisp Exp $
# --------------------------------------------------------
?>
<?php
@@ -25,12 +25,31 @@
$f_save = gpc_get_bool( 'save' );
$f_prefix = strtoupper( gpc_get_string( 'prefix', config_get( 'default_manage_user_prefix' ) ) );
+ $t_user_table = config_get( 'mantis_user_table' );
$t_cookie_name = config_get( 'manage_cookie' );
$t_lock_image = '<img src="' . config_get( 'icon_path' ) . 'protected.gif" width="8" height="15" border="0" alt="' . lang_get( 'protected' ) . '" />';
+ # Clean up the form variables
+ if ( ! in_array( $f_sort, db_field_names( $t_user_table ) ) ) {
+ $c_sort = 'username';
+ } else {
+ $c_sort = addslashes($f_sort);
+ }
+
+ if ($f_dir == 'ASC') {
+ $c_dir = 'ASC';
+ } else {
+ $c_dir = 'DESC';
+ }
+
+ if ($f_hide == 0) { # a 0 will turn it off
+ $c_hide = 0;
+ } else { # anything else (including 'on') will turn it on
+ $c_hide = 1;
+ }
# set cookie values for hide, sort by, and dir
if ( $f_save ) {
- $t_manage_string = $f_hide.':'.$f_sort.':'.$f_dir;
+ $t_manage_string = $c_hide.':'.$c_sort.':'.$c_dir;
gpc_set_cookie( $t_cookie_name, $t_manage_string, true );
} else if ( !is_blank( gpc_get_cookie( $t_cookie_name, '' ) ) ) {
$t_manage_arr = explode( ':', gpc_get_cookie( $t_cookie_name ) );
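Review bot: The `in_array` whitelist on `$f_sort` now runs before the cookie is read, whereas the block removed in the next hunk ran the clean-up after the cookie branch; that `else if` branch continues past the end of this hunk, so whatever it restores from `$t_manage_arr` either never reaches `$c_sort`/`$c_dir`/`$c_hide` or reaches them without passing the column-name check — please confirm against the lines that follow. A cookie is client-controlled input, so the validation belongs after both the form and the cookie have been merged into one set of `$f_*` values. Separately, `in_array( $f_sort, db_field_names( $t_user_table ) )` should pass `true` as the third argument so the match is by identity rather than loose comparison.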
@@ -49,20 +68,6 @@
}
}
- # Clean up the form variables
- $c_sort = addslashes($f_sort);
-
- if ($f_dir == 'ASC') {
- $c_dir = 'ASC';
- } else {
- $c_dir = 'DESC';
- }
-
- if ($f_hide == 0) { # a 0 will turn it off
- $c_hide = 0;
- } else { # anything else (including 'on') will turn it on
- $c_hide = 1;
- }
?>
<?php html_page_top1( lang_get( 'manage_users_link' ) ) ?>
<?php html_page_top2() ?>
@@ -71,8 +76,6 @@
<?php # New Accounts Form BEGIN ?>
<?php
- $t_user_table = config_get( 'mantis_user_table' );
-
$days_old = 7;
$query = "SELECT *
FROM $t_user_table
Index: print_all_bug_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/print_all_bug_page.php,v
retrieving revision 1.80
retrieving revision 1.80.10.1
diff -u -r1.80 -r1.80.10.1
--- print_all_bug_page.php 24 Jul 2004 14:31:43 -0000 1.80
+++ print_all_bug_page.php 1 Jan 2006 04:29:49 -0000 1.80.10.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: print_all_bug_page.php,v 1.80 2004/07/24 14:31:43 vboctor Exp $
+ # $Id: print_all_bug_page.php,v 1.80.10.1 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
?>
<?php
@@ -75,7 +75,7 @@
<table class="width100"><tr><td class="form-title">
<div class="center">
- <?php echo config_get( 'window_title' ) . ' - ' . project_get_name( $t_project_id ); ?>
+ <?php echo config_get( 'window_title' ) . ' - ' . string_display( project_get_name( $t_project_id ) ); ?>
</div>
</td></tr></table>
Index: print_bug_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/print_bug_page.php,v
retrieving revision 1.51
retrieving revision 1.51.10.1
diff -u -r1.51 -r1.51.10.1
--- print_bug_page.php 27 Aug 2004 00:29:54 -0000 1.51
+++ print_bug_page.php 1 Jan 2006 04:29:49 -0000 1.51.10.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: print_bug_page.php,v 1.51 2004/08/27 00:29:54 thraxisp Exp $
+ # $Id: print_bug_page.php,v 1.51.10.1 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
?>
<?php
@@ -63,7 +63,7 @@
<table class="width100" cellspacing="1">
<tr>
<td class="form-title" colspan="6">
- <div class="center"><?php echo config_get( 'window_title' ) . ' - ' . project_get_name( $v_project_id ) ?></div>
+ <div class="center"><?php echo config_get( 'window_title' ) . ' - ' . string_display( project_get_name( $v_project_id ) ) ?></div>
</td>
</tr>
<tr>
Index: query_store.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/query_store.php,v
retrieving revision 1.3
retrieving revision 1.3.12.1
diff -u -r1.3 -r1.3.12.1
--- query_store.php 7 Jul 2004 20:30:13 -0000 1.3
+++ query_store.php 8 Jan 2006 14:42:25 -0000 1.3.12.1
@@ -19,7 +19,7 @@
auth_ensure_user_authenticated();
compress_enable();
- $f_query_name = gpc_get_string( 'query_name' );
+ $f_query_name = string_strip_tags( gpc_get_string( 'query_name' ) );
$f_is_public = gpc_get_bool( 'is_public' );
$f_all_projects = gpc_get_bool( 'all_projects' );
Index: query_store_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/query_store_page.php,v
retrieving revision 1.5
retrieving revision 1.5.10.1
diff -u -r1.5 -r1.5.10.1
--- query_store_page.php 26 Jul 2004 12:06:23 -0000 1.5
+++ query_store_page.php 8 Jan 2006 14:42:25 -0000 1.5.10.1
@@ -38,7 +38,7 @@
}
# Check for an error
- $t_error_msg = gpc_get_string( 'error_msg', null );
+ $t_error_msg = string_strip_tags( gpc_get_string( 'error_msg', null ) );
if ( $t_error_msg != null ) {
print "<br />$t_error_msg<br /><br />";
}
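Review bot: `print "<br />$t_error_msg<br /><br />";` still writes the request parameter into the page raw, and string_strip_tags() is not an HTML escaper — it decodes `&lt;`/`&gt;` entities after stripping tags, so an entity-encoded tag comes out as a literal one. Escape at output instead: `print '<br />' . string_display( $t_error_msg ) . '<br /><br />';`. The loose `!= null` test on the line before treats an empty string as absent, which is presumably intended; the matching input-side call in query_store.php has the same limitation as this one.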
Index: view_all_set.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/view_all_set.php,v
retrieving revision 1.38.6.1
retrieving revision 1.38.6.2
diff -u -r1.38.6.1 -r1.38.6.2
--- view_all_set.php 10 Dec 2005 03:31:48 -0000 1.38.6.1
+++ view_all_set.php 18 Dec 2005 02:58:59 -0000 1.38.6.2
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: view_all_set.php,v 1.38.6.1 2005/12/10 03:31:48 thraxisp Exp $
+ # $Id: view_all_set.php,v 1.38.6.2 2005/12/18 02:58:59 thraxisp Exp $
# --------------------------------------------------------
?>
<?php require_once( 'core.php' ) ?>
@@ -134,7 +134,7 @@
# these are only single values, even when doing advanced filtering
$f_per_page = gpc_get_int( 'per_page', -1 );
- $f_highlight_changed = gpc_get_string( 'highlight_changed', config_get( 'default_show_changed' ) );
+ $f_highlight_changed = gpc_get_int( 'highlight_changed', config_get( 'default_show_changed' ) );
# sort direction
$f_sort = gpc_get_string( 'sort', 'last_updated' );
$f_dir = gpc_get_string( 'dir', 'DESC' );
Index: view_filters_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/view_filters_page.php,v
retrieving revision 1.22.6.1
retrieving revision 1.22.6.3
diff -u -r1.22.6.1 -r1.22.6.3
--- view_filters_page.php 10 Dec 2005 03:31:48 -0000 1.22.6.1
+++ view_filters_page.php 8 Jan 2006 15:37:51 -0000 1.22.6.3
@@ -24,11 +24,14 @@
html_page_top2();
$t_project_id = helper_get_current_project();
+ $t_current_user_access_level = current_user_get_access_level();
$t_target_field = gpc_get_string( 'target_field', '' );
$t_fields = array( 'priority', 'id', 'sponsorship_total', 'category', 'severity', 'status', 'last_updated', 'summary' );
$t_accessible_custom_fields_ids = array();
$t_accessible_custom_fields_names = array();
$t_accessible_custom_fields_values = array();
+ $t_custom_cols = 1;
+ $t_custom_rows = 0;
if ( ON == config_get( 'filter_by_custom_fields' ) ) {
$t_custom_cols = config_get( 'filter_custom_fields_per_row' );
@@ -104,8 +107,6 @@
$t_current_user_access_level = current_user_get_access_level();
$t_filter_cols = 7;
- $t_custom_cols = 1;
- $t_custom_rows = 0;
$f_for_screen = gpc_get_bool( 'for_screen', true );
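Review bot: `$t_current_user_access_level = current_user_get_access_level();` on the first context line of this hunk is now a duplicate of the assignment the previous hunk adds near the top of the file, so the second call can be dropped along with the two lines already removed here. Harmless, but it reads as if the value could have changed in between.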
Index: core/database_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/database_api.php,v
retrieving revision 1.38
retrieving revision 1.38.4.1
diff -u -r1.38 -r1.38.4.1
--- core/database_api.php 9 Dec 2004 18:55:06 -0000 1.38
+++ core/database_api.php 5 Jan 2006 03:57:56 -0000 1.38.4.1
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: database_api.php,v 1.38 2004/12/09 18:55:06 thraxisp Exp $
+ # $Id: database_api.php,v 1.38.4.1 2006/01/05 03:57:56 thraxisp Exp $
# --------------------------------------------------------
### Database ###
@@ -175,6 +175,12 @@
}
# --------------------
+ function db_field_names( $p_table_name ) {
+ global $g_db;
+ return $g_db->MetaColumnNames( $p_table_name );
+ }
+
+ # --------------------
# Check if there is an index defined on the specified table/field and with
# the specified type.
#
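Review bot: db_field_names() is added without the block comment its neighbours in this API carry, and its contract matters because manage_user_page.php uses the result as a SQL column whitelist. I would add above it: `# Return the column names of the given table as reported by the ADODB driver; callers must treat a false or empty result as "no known columns"`. Whether MetaColumnNames() reports names in the table's original case or upper-cased depends on the driver, so a caller comparing against request input should be told which to expect — I cannot confirm the driver behaviour from this patch.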
@@ -236,6 +242,7 @@
# --------------------
# prepare a string before DB insertion
# @@@ should default be return addslashes( $p_string ); or generate an error
+ # @@@ Consider using ADODB escaping for all databases.
function db_prepare_string( $p_string ) {
global $g_db;
$t_db_type = config_get( 'db_type' );
@@ -246,11 +253,15 @@
return addslashes( $p_string );
case 'mysql':
- return mysql_escape_string( $p_string );
+ # mysql_escape_string was deprecated in v4.3.0
+ if ( php_version_at_least( '4.3.0' ) ) {
+ return mysql_real_escape_string( $p_string );
+ } else {
+ return mysql_escape_string( $p_string );
+ }
# For some reason mysqli_escape_string( $p_string ) always returns an empty
# string. This is happening with PHP v5.0.2.
- # @@@ Consider using ADODB escaping for all databases.
case 'mysqli':
$t_escaped = $g_db->qstr( $p_string, false );
return substr( $t_escaped, 1, strlen( $t_escaped ) - 2 );
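Review bot: `mysql_real_escape_string( $p_string )` is called without a link identifier, so it escapes against whatever link the last mysql_connect() opened; when the only connection is the one ADODB holds in `$g_db` that works, but a second link (or none opened yet) makes it return false or use the wrong connection charset. The mysqli branch a few lines below already goes through `$g_db->qstr( $p_string, false )` and trims the quotes, which escapes via the connection ADODB owns; using that same form in the mysql branch would be both consistent and independent of the PHP version check. The version-check fallback to mysql_escape_string() is then unnecessary.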
Index: core/string_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/string_api.php,v
retrieving revision 1.62.4.1
retrieving revision 1.62.4.2
diff -u -r1.62.4.1 -r1.62.4.2
--- core/string_api.php 5 Dec 2005 12:12:05 -0000 1.62.4.1
+++ core/string_api.php 1 Jan 2006 04:29:49 -0000 1.62.4.2
@@ -6,7 +6,7 @@
# See the README and LICENSE files for details
# --------------------------------------------------------
- # $Id: string_api.php,v 1.62.4.1 2005/12/05 12:12:05 vboctor Exp $
+ # $Id: string_api.php,v 1.62.4.2 2006/01/01 04:29:49 thraxisp Exp $
# --------------------------------------------------------
$t_core_dir = dirname( __FILE__ ).DIRECTORY_SEPARATOR;
@@ -345,6 +345,45 @@
}
# --------------------
+ # strip all tags from a string
+ # This will remove HTML tags, javascript sections
+ # and white space. It will also convert some
+ # common HTML entities to their text equivalent.
+ function string_strip_tags( $p_string ) {
+ $t_search = array(
+ '@<script[^>]*?>.*?</script>@si', /* Strip out javascript */
+ '@<[\/\!]*?[^<>]*?>@si', /* Strip out HTML tags */
+ '@([\r\n])[\s]+@', /* Strip out white space */
+ '@&(quot|#34);@i', /* Replace HTML entities */
+ '@&(amp|#38);@i',
+ '@&(lt|#60);@i',
+ '@&(gt|#62);@i',
+ '@&(nbsp|#160);@i',
+ '@&(iexcl|#161);@i',
+ '@&(cent|#162);@i',
+ '@&(pound|#163);@i',
+ '@&(copy|#169);@i',
+ '@&#(\d+);@e' ); /* evaluate as php */
+
+ $t_replace = array(
+ '',
+ '',
+ '\1',
+ '"',
+ '&',
+ '<',
+ '>',
+ ' ',
+ chr(161),
+ chr(162),
+ chr(163),
+ chr(169),
+ 'chr(\1)' );
+
+ return preg_replace($t_search, $t_replace, $p_string);
+ }
+
+ # --------------------
# This function looks for text with htmlentities
# like <b> and converts is into corresponding
# html <b> based on the configuration presets
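Review bot: The last pattern, `'@&#(\d+);@e'` with replacement `'chr(\1)'`, uses the `e` modifier, which evaluates the replacement as PHP; the capture is digits-only so nothing else can be injected, but `chr()` wraps values above 255, so a high numeric entity becomes an unrelated byte, and the modifier itself is a review flag (deprecated in later PHP). preg_replace_callback() with a small named function gives the same result without eval. Because the patterns run in array order, entities are decoded after tags are stripped, so the result can contain literal `<`/`>` and must not be treated as HTML-safe; the header comment should say so: `# NOTE: the result is plain text, not HTML-safe — pass it through string_display() before echoing`.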
Index: mantis.spec
===================================================================
RCS file: /cvs/extras/rpms/mantis/FC-4/mantis.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- mantis.spec 23 Dec 2005 15:46:58 -0000 1.8
+++ mantis.spec 20 Oct 2006 23:56:20 -0000 1.9
@@ -9,7 +9,7 @@
Summary: Web-based bugtracking system
Name: mantis
Version: 0.19.4
-Release: %release_func 1
+Release: %release_func 2
License: GPL
Group: Applications/Internet
URL: http://mantisbt.sourceforge.net/
@@ -18,6 +18,8 @@
Patch0: mantis-0.19.2-iis.patch
Patch1: mantis-0.19.2-noexamplecom.patch
Patch2: mantis-0.19.2-noadmin.patch
+# unreleased patches from CVS. Could be removed after an eventual 0.19.5 release
+Patch3: mantis-0.19.5-unreleased.patch
BuildRoot: %_tmppath/%name-%version-%release-buildroot
BuildRequires: diffutils
Requires: php
@@ -58,6 +60,7 @@
%patch0 -p1 -b .iis
%patch1 -p1 -b .noexamplecom
%patch2 -p1 -b .noadmin
+%patch3 -p0 -b .unreleased
chmod -x *.php sql/*
rm -rf packages
@@ -154,6 +157,9 @@
%changelog
+* Sat Oct 21 2006 Gianluca Sforna <giallu gmail com> 0.19.4-2
+- add unreleased security patches from CVS
+
* Fri Dec 23 2005 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.19.4-1
- SECURITY: release 0.19.4
* File Upload Vulnerability (TKADV2005-11-002) (thraxisp)