Date: Wed, 18 Jul 2012 20:15:16 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r301120 - in head/www/dokuwiki: . files Message-ID: <201207182015.q6IKFG9b006777@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Wed Jul 18 20:15:16 2012 New Revision: 301120 URL: http://svn.freebsd.org/changeset/ports/301120 Log: Update to 2012-01-25b, fixes a XSS vulnerability. Security: 2fe4b57f-d110-11e1-ac76-10bf48230856 Added: head/www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b (contents, props changed) Modified: head/www/dokuwiki/Makefile Modified: head/www/dokuwiki/Makefile ============================================================================== --- head/www/dokuwiki/Makefile Wed Jul 18 20:08:15 2012 (r301119) +++ head/www/dokuwiki/Makefile Wed Jul 18 20:15:16 2012 (r301120) @@ -7,7 +7,7 @@ PORTNAME= dokuwiki PORTVERSION= ${DIST_VER:S/${PORTNAME}//:S/-//g} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= http://www.splitbrain.org/_media/projects/dokuwiki/ \ LOCAL/chinsan/${PORTNAME} Added: head/www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/dokuwiki/files/patch-2012-01-25a-to-2012-01-25b Wed Jul 18 20:15:16 2012 (r301120) @@ -0,0 +1,50 @@ +diff -ur ./VERSION ./VERSION +--- ./VERSION 2012-04-19 03:12:33.000000000 -0700 ++++ ./VERSION 2012-07-13 04:13:57.000000000 -0700 +@@ -1 +1 @@ +-2012-01-25a "Angua" ++2012-01-25b "Angua" +diff -ur ./doku.php ./doku.php +--- ./doku.php 2012-04-19 03:12:33.000000000 -0700 ++++ ./doku.php 2012-07-13 04:13:57.000000000 -0700 +@@ -7,7 +7,7 @@ + */ + + // update message version +-$updateVersion = 36.1; ++$updateVersion = 36.2; + + // xdebug_start_profiling(); + +diff -ur ./inc/template.php ./inc/template.php +--- ./inc/template.php 2012-04-19 03:09:54.000000000 -0700 ++++ ./inc/template.php 2012-07-13 04:13:57.000000000 -0700 +@@ -1151,7 +1151,7 @@ + echo '<div class="panelHeader">'.NL; + echo '<h3>'; + $tabTitle = ($NS) ? $NS : '['.$lang['mediaroot'].']'; +- printf($lang['media_' . $opened_tab], '<strong>'.$tabTitle.'</strong>'); ++ printf($lang['media_' . $opened_tab], '<strong>'.hsc($tabTitle).'</strong>'); + echo '</h3>'.NL; + if ($opened_tab === 'search' || $opened_tab === 'files') { + media_tab_files_options(); +diff -ur ./lib/exe/ajax.php ./lib/exe/ajax.php +--- ./lib/exe/ajax.php 2012-04-19 03:09:54.000000000 -0700 ++++ ./lib/exe/ajax.php 2012-07-13 04:13:57.000000000 -0700 +@@ -13,7 +13,6 @@ + + header('Content-Type: text/html; charset=utf-8'); + +- + //call the requested function + if(isset($_POST['call'])){ + $call = $_POST['call']; +@@ -204,7 +203,7 @@ + global $conf; + global $NS; + +- $NS = $_POST['ns']; ++ $NS = cleanID($_POST['ns']); + if ($_POST['do'] == 'media') { + tpl_mediaFileList(); + } else {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201207182015.q6IKFG9b006777>