Date: Mon, 30 Jul 2018 03:10:34 +0000 (UTC) From: TAKATSU Tomonari <tota@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r475861 - in branches/2018Q3/japanese/mailman: . files Message-ID: <201807300310.w6U3AY5k030186@repo.freebsd.org>
Author: tota Date: Mon Jul 30 03:10:34 2018 New Revision: 475861 URL: https://svnweb.freebsd.org/changeset/ports/475861 Log: MFH: r475623 - Rename patches * extra-patch-Mailman-Cgi-private.py to extra-patch-Mailman_Cgi_private.py * patch-CVE-2015-2775 to patch-Mailman_Utils.py * patch-CVE-2018-5950 to patch-Mailman_Cgi_options.py - Apply CVE-2018-0618 patches [1] PR: 229351 [1] Submitted by: Yasuhito FUTATSUKI Security: CVE-2018-0618 Approved by: ports-secteam (miwi@) Added: branches/2018Q3/japanese/mailman/files/extra-patch-Mailman_Cgi_private.py - copied unchanged from r475623, head/japanese/mailman/files/extra-patch-Mailman_Cgi_private.py branches/2018Q3/japanese/mailman/files/patch-Mailman_Cgi_admin.py - copied unchanged from r475623, head/japanese/mailman/files/patch-Mailman_Cgi_admin.py branches/2018Q3/japanese/mailman/files/patch-Mailman_Cgi_options.py - copied unchanged from r475623, head/japanese/mailman/files/patch-Mailman_Cgi_options.py branches/2018Q3/japanese/mailman/files/patch-Mailman_Gui_General.py - copied unchanged from r475623, head/japanese/mailman/files/patch-Mailman_Gui_General.py branches/2018Q3/japanese/mailman/files/patch-Mailman_Utils.py - copied unchanged from r475623, head/japanese/mailman/files/patch-Mailman_Utils.py Deleted: branches/2018Q3/japanese/mailman/files/extra-patch-Mailman-Cgi-private.py branches/2018Q3/japanese/mailman/files/patch-CVE-2015-2775 branches/2018Q3/japanese/mailman/files/patch-CVE-2018-5950 Modified: branches/2018Q3/japanese/mailman/Makefile Directory Properties: branches/2018Q3/ (props changed) Modified: branches/2018Q3/japanese/mailman/Makefile ============================================================================== --- branches/2018Q3/japanese/mailman/Makefile Mon Jul 30 00:46:12 2018 (r475860) +++ branches/2018Q3/japanese/mailman/Makefile Mon Jul 30 03:10:34 2018 (r475861) 
@@ -3,7 +3,7 @@ PORTNAME= mailman PORTVERSION= 2.1.14.j7 -PORTREVISION= 4 +PORTREVISION= 5 PORTEPOCH= 1 CATEGORIES= japanese mail MASTER_SITES= https://docs.python.jp/contrib/mailman/_static/ \ @@ -105,7 +105,7 @@ MAIL_GID?= courier .if ${PORT_OPTIONS:MNAMAZU2} RUN_DEPENDS+= mknmz:japanese/namazu2 -EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Mailman-Cgi-private.py +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Mailman_Cgi_private.py .endif pre-everything:: Copied: branches/2018Q3/japanese/mailman/files/extra-patch-Mailman_Cgi_private.py (from r475623, head/japanese/mailman/files/extra-patch-Mailman_Cgi_private.py) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q3/japanese/mailman/files/extra-patch-Mailman_Cgi_private.py Mon Jul 30 03:10:34 2018 (r475861, copy of r475623, head/japanese/mailman/files/extra-patch-Mailman_Cgi_private.py) 
@@ -0,0 +1,30 @@ +--- Mailman/Cgi/private.py.orig 2010-09-21 03:18:27.000000000 +0900 ++++ Mailman/Cgi/private.py 2011-04-08 22:28:09.000000000 +0900 +@@ -116,6 +116,7 @@ + + i18n.set_language(mlist.preferred_language) + doc.set_language(mlist.preferred_language) ++ is_cgi = 0 + + cgidata = cgi.FieldStorage() + username = cgidata.getvalue('username', '') +@@ -179,6 +180,10 @@ + elif true_filename.endswith('.gz'): + import gzip + f = gzip.open(true_filename, 'r') ++ elif true_filename.endswith('namazu.cgi'): ++ os.putenv('SCRIPT_NAME', 'namazu.cgi') ++ f = os.popen(true_filename, 'r') ++ is_cgi = 1 + else: + f = open(true_filename, 'r') + except IOError: +@@ -188,6 +193,7 @@ + print doc.Format() + syslog('error', 'Private archive file not found: %s', true_filename) + else: +- print 'Content-type: %s\n' % ctype ++ if not is_cgi: ++ print 'Content-type: %s\n' % ctype + sys.stdout.write(f.read()) + f.close() Copied: branches/2018Q3/japanese/mailman/files/patch-Mailman_Cgi_admin.py (from r475623, head/japanese/mailman/files/patch-Mailman_Cgi_admin.py) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q3/japanese/mailman/files/patch-Mailman_Cgi_admin.py Mon Jul 30 03:10:34 2018 (r475861, copy of r475623, head/japanese/mailman/files/patch-Mailman_Cgi_admin.py) 
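Review bot: `f = os.popen(true_filename, 'r')` hands the archive path to /bin/sh, and nothing in this hunk shows that `true_filename` — derived from the request path earlier in the function, outside the hunk — has been stripped of shell metacharacters, so unless that derivation is known to reject them this is a command-injection path reachable by anyone who can reach the private archive (only when the port's NAMAZU2 option is on, per the Makefile). A shell is not needed here: `f = subprocess.Popen([true_filename], stdout=subprocess.PIPE).stdout` (with `import subprocess` at the top of private.py, assuming the port's Python baseline provides it) runs the CGI directly, and the preceding `os.putenv('SCRIPT_NAME', 'namazu.cgi')` should still reach the child through the inherited process environment. The `true_filename.endswith('namazu.cgi')` test also matches any file whose name merely ends in that string; `os.path.basename(true_filename) == 'namazu.cgi'` is the intended check. The child's exit status is never inspected, so a failed namazu run is passed through as whatever partial output it produced, with no Content-type of our own because `is_cgi` suppresses it. The enclosing function in private.py starts and ends outside the hunk.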
@@ -0,0 +1,11 @@
+--- Mailman/Cgi/admin.py.orig 2011-12-11 07:56:23 UTC
++++ Mailman/Cgi/admin.py
+@@ -266,7 +266,7 @@ def admin_overview(msg=''):
+ else:
+ advertised.append((mlist.GetScriptURL('admin'),
+ mlist.real_name,
+- mlist.description))
++ Utils.websafe(mlist.description)))
+ # Greeting depends on whether there was an error or not
+ if msg:
+ greeting = FontAttr(msg, color="ff5060", size="+1")
Copied: branches/2018Q3/japanese/mailman/files/patch-Mailman_Cgi_options.py (from r475623, head/japanese/mailman/files/patch-Mailman_Cgi_options.py)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2018Q3/japanese/mailman/files/patch-Mailman_Cgi_options.py Mon Jul 30 03:10:34 2018 (r475861, copy of r475623, head/japanese/mailman/files/patch-Mailman_Cgi_options.py)
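Review bot: `mlist.real_name` on the line above the changed one still goes into the same tuple unescaped; Mailman's admin GUI normally restricts real_name to a case variant of the list name (not visible here), which is presumably why only description is wrapped, but that reliance deserves a comment such as `# real_name is constrained to the list name by the GUI; description is free text` so the next reader does not re-raise it. The same overview tuple is presumably rendered by the listinfo CGI as well — confirm the description is escaped there too, since this patch touches only admin.py. admin_overview begins and ends outside the hunk.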
@@ -0,0 +1,52 @@ +--- Mailman/Cgi/options.py.orig 2011-12-11 07:56:23 UTC ++++ Mailman/Cgi/options.py +@@ -1,4 +1,4 @@ +-# Copyright (C) 1998-2011 by the Free Software Foundation, Inc. ++# Copyright (C) 1998-2018 by the Free Software Foundation, Inc. + # + # This program is free software; you can redistribute it and/or + # modify it under the terms of the GNU General Public License +@@ -165,20 +165,6 @@ def main(): + doc.set_language(userlang) + i18n.set_language(userlang) + +- # See if this is VARHELP on topics. +- varhelp = None +- if cgidata.has_key('VARHELP'): +- varhelp = cgidata['VARHELP'].value +- elif os.environ.get('QUERY_STRING'): +- # POST methods, even if their actions have a query string, don't get +- # put into FieldStorage's keys :-( +- qs = cgi.parse_qs(os.environ['QUERY_STRING']).get('VARHELP') +- if qs and type(qs) == types.ListType: +- varhelp = qs[0] +- if varhelp: +- topic_details(mlist, doc, user, cpuser, userlang, varhelp) +- return +- + # Are we processing an unsubscription request from the login screen? + if cgidata.has_key('login-unsub'): + # Because they can't supply a password for unsubscribing, we'll need +@@ -290,6 +276,22 @@ def main(): + print doc.Format() + return + ++ # See if this is VARHELP on topics. ++ varhelp = None ++ if cgidata.has_key('VARHELP'): ++ varhelp = cgidata['VARHELP'].value ++ elif os.environ.get('QUERY_STRING'): ++ # POST methods, even if their actions have a query string, don't get ++ # put into FieldStorage's keys :-( ++ qs = cgi.parse_qs(os.environ['QUERY_STRING']).get('VARHELP') ++ if qs and type(qs) == types.ListType: ++ varhelp = qs[0] ++ if varhelp: ++ # Sanitize the topic name. 
++ varhelp = re.sub('<.*', '', varhelp) ++ topic_details(mlist, doc, user, cpuser, userlang, varhelp) ++ return ++ + if cgidata.has_key('logout'): + print mlist.ZapCookie(mm_cfg.AuthUser, user) + loginpage(mlist, doc, user, language) Copied: branches/2018Q3/japanese/mailman/files/patch-Mailman_Gui_General.py (from r475623, head/japanese/mailman/files/patch-Mailman_Gui_General.py) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q3/japanese/mailman/files/patch-Mailman_Gui_General.py Mon Jul 30 03:10:34 2018 (r475861, copy of r475623, head/japanese/mailman/files/patch-Mailman_Gui_General.py) @@ -0,0 +1,23 @@ +--- Mailman/Gui/General.py.orig 2011-12-11 07:56:23 UTC ++++ Mailman/Gui/General.py +@@ -1,4 +1,4 @@ +-# Copyright (C) 2001-2011 by the Free Software Foundation, Inc. ++# Copyright (C) 2001-2018 by the Free Software Foundation, Inc. + # + # This program is free software; you can redistribute it and/or + # modify it under the terms of the GNU General Public License +@@ -493,6 +493,14 @@ mlist.info. + or not isinstance(val, IntType)): + doc.addError(_("""<b>admin_member_chunksize</b> attribute not + changed! It must be an integer > 0.""")) ++ elif property == 'host_name': ++ try: ++ Utils.ValidateEmail('user@' + val) ++ except Errors.EmailAddressError: ++ doc.addError(_("""<b>host_name</b> attribute not changed! ++ It must be a valid domain name.""")) ++ else: ++ GUIBase._setValue(self, mlist, property, val, doc) + else: + GUIBase._setValue(self, mlist, property, val, doc) + Copied: branches/2018Q3/japanese/mailman/files/patch-Mailman_Utils.py (from r475623, head/japanese/mailman/files/patch-Mailman_Utils.py) ============================================================================== 
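Review bot: `varhelp = re.sub('<.*', '', varhelp)` is a tag-stripping blacklist that leaves `"`, `'` and `&` in the value, so if topic_details (outside the hunk) reflects the topic name into an attribute or an unquoted context the injection survives, and it also silently truncates legitimate topic names containing `<`. Escaping at the output point, e.g. `Utils.websafe(varhelp)` where topic_details renders it, is the more robust fix, with the `re.sub` kept only as defence in depth. The hunk adds no `import re`, so confirm options.py already imports it at module level — otherwise this branch raises NameError exactly when a VARHELP request arrives. Moving the VARHELP handling after the authentication block is the right ordering; a one-line comment `# VARHELP is handled only after the user has authenticated (CVE-2018-5950)` would record why it now lives here. main() begins and ends outside the hunk.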
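Review bot: the new `host_name` check runs only inside `_setValue`, i.e. on the admin web form; values written through other paths (config_list, withlist, the bin/ tools) are not visible here and presumably bypass it, so the invariant should be stated where it holds: `# Only the web GUI path is validated; host_name set via bin/ tools is trusted as-is`. `Utils.ValidateEmail('user@' + val)` validates a full address rather than a hostname, so it accepts whatever domain syntax the address validator allows — probably fine for the CVE-2018-0618 purpose, but worth a note on that line. The `else` branch duplicates the outer `GUIBase._setValue(self, mlist, property, val, doc)` call; a guard that adds the error and `return`s would avoid the duplicate. The hunk adds no imports, so confirm `Errors` and `Utils` are already imported in General.py. _setValue starts and ends outside the hunk.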
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2018Q3/japanese/mailman/files/patch-Mailman_Utils.py Mon Jul 30 03:10:34 2018 (r475861, copy of r475623, head/japanese/mailman/files/patch-Mailman_Utils.py)
@@ -0,0 +1,117 @@ +--- Mailman/Utils.py.orig 2011-12-11 07:56:23 UTC ++++ Mailman/Utils.py +@@ -1,4 +1,4 @@ +-# Copyright (C) 1998-2011 by the Free Software Foundation, Inc. ++# Copyright (C) 1998-2018 by the Free Software Foundation, Inc. + # + # This program is free software; you can redistribute it and/or + # modify it under the terms of the GNU General Public License +@@ -93,6 +93,12 @@ def list_exists(listname): + # + # The former two are for 2.1alpha3 and beyond, while the latter two are + # for all earlier versions. ++ # ++ # But first ensure the list name doesn't contain a path traversal ++ # attack. ++ if len(re.sub(mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS, '', listname)) > 0: ++ syslog('mischief', 'Hostile listname: %s', listname) ++ return False + basepath = Site.get_listpath(listname) + for ext in ('.pck', '.pck.last', '.db', '.db.last'): + dbfile = os.path.join(basepath, 'config' + ext) +@@ -952,6 +958,7 @@ _badwords = [ + '<meta', + '<object', + '<script', ++ '@keyframes', + r'\bj(?:ava)?script\b', + r'\bvbs(?:cript)?\b', + r'\bdomactivate\b', +@@ -968,12 +975,14 @@ _badwords = [ + r'\bon(?:de)?activate\b', + r'\bon(?:after|before)print\b', + r'\bon(?:after|before)update\b', ++ r'\b(?:on)?animation(?:end|iteration|start)\b', + r'\bonbefore(?:(?:de)?activate|copy|cut|editfocus|paste)\b', + r'\bonbeforeunload\b', + r'\bonbegin\b', + r'\bonblur\b', + r'\bonbounce\b', + r'\bonbroadcast\b', ++ r'\boncanplay(?:through)?\b', + r'\bon(?:cell)?change\b', + r'\boncheckboxstatechange\b', + r'\bon(?:dbl)?click\b', +@@ -989,7 +998,9 @@ _badwords = [ + r'\bondrag(?:drop|end|enter|exit|gesture|leave|over)?\b', + r'\bondragstart\b', + r'\bondrop\b', +- r'\bonend\b', ++ r'\bondurationchange\b', ++ r'\bonemptied\b', ++ r'\bonend(?:ed)?\b', + r'\bonerror(?:update)?\b', + r'\bonfilterchange\b', + r'\bonfinish\b', +@@ -999,21 +1010,28 @@ _badwords = [ + r'\bonkey(?:up|down|press)\b', + r'\bonlayoutcomplete\b', + r'\bon(?:un)?load\b', ++ r'\bonloaded(?:meta)?data\b', ++ 
r'\bonloadstart\b', + r'\bonlosecapture\b', + r'\bonmedia(?:complete|error)\b', ++ r'\bonmessage\b', + r'\bonmouse(?:down|enter|leave|move|out|over|up|wheel)\b', + r'\bonmove(?:end|start)?\b', + r'\bon(?:off|on)line\b', ++ r'\bonopen\b', + r'\bonoutofsync\b', + r'\bonoverflow(?:changed)?\b', + r'\bonpage(?:hide|show)\b', + r'\bonpaint\b', + r'\bonpaste\b', + r'\bonpause\b', ++ r'\bonplay(?:ing)?\b', ++ r'\bonpopstate\b', + r'\bonpopup(?:hidden|hiding|showing|shown)\b', + r'\bonprogress\b', + r'\bonpropertychange\b', + r'\bonradiostatechange\b', ++ r'\bonratechange\b', + r'\bonreadystatechange\b', + r'\bonrepeat\b', + r'\bonreset\b', +@@ -1023,19 +1041,30 @@ _badwords = [ + r'\bonrow(?:delete|enter|exit|inserted)\b', + r'\bonrows(?:delete|enter|inserted)\b', + r'\bonscroll\b', +- r'\bonseek\b', ++ r'\bonsearch\b', ++ r'\bonseek(?:ed|ing)?\b', + r'\bonselect(?:start)?\b', + r'\bonselectionchange\b', ++ r'\bonshow\b', + r'\bonstart\b', ++ r'\bonstalled\b', + r'\bonstop\b', ++ r'\bonstorage\b', + r'\bonsubmit\b', ++ r'\bonsuspend\b', + r'\bonsync(?:from|to)preference\b', + r'\bonsyncrestored\b', + r'\bontext\b', +- r'\bontimeerror\b', ++ r'\bontime(?:error|update)\b', ++ r'\bontoggle\b', ++ r'\bontouch(?:cancel|end|move|start)\b', + r'\bontrackchange\b', ++ r'\b(?:on)?transitionend\b', + r'\bonunderflow\b', + r'\bonurlflip\b', ++ r'\bonvolumechange\b', ++ r'\bonwaiting\b', ++ r'\bonwheel\b', + r'\bseeksegmenttime\b', + r'\bsvgabort\b', + r'\bsvgerror\b',
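Review bot: `list_exists` now reads `mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS`, but this commit changes no Defaults.py; on the 2.1.14 base this port patches that name must be supplied somewhere (the deleted patch-CVE-2015-2775 may have carried it), and if it is undefined every call to list_exists raises AttributeError — fails closed, but takes the whole web interface down. A guard such as `pattern = getattr(mm_cfg, 'ACCEPTABLE_LISTNAME_CHARACTERS', '[-_.0-9a-z]')` keeps the check effective even when a site's mm_cfg.py or Defaults.py is stale. The value is applied as `re.sub(pattern, '', listname)`, so it must be a single-character class — an admin who sets it to an anchored expression silently disables the filter; a comment on that line, `# must be a character class: everything it does not match is treated as hostile`, would prevent that. The `_badwords` additions extend a blacklist: the listed HTML5 media, touch and animation handlers are now blocked, but any handler not enumerated still passes, which is the known limit of this approach and worth stating above the list. list_exists and the _badwords list are both cut by the hunk boundaries.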