From owner-svn-ports-head@FreeBSD.ORG Fri Oct 31 15:40:29 2014 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A1FFA29; Fri, 31 Oct 2014 15:40:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0CF7A20F; Fri, 31 Oct 2014 15:40:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s9VFeSks090595; Fri, 31 Oct 2014 15:40:28 GMT (envelope-from rea@FreeBSD.org) Received: (from rea@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s9VFeSJq090593; Fri, 31 Oct 2014 15:40:28 GMT (envelope-from rea@FreeBSD.org) Message-Id: <201410311540.s9VFeSJq090593@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: rea set sender to rea@FreeBSD.org using -f From: Eygene Ryabinkin Date: Fri, 31 Oct 2014 15:40:28 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r371858 - in head/www/twiki: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Oct 2014 15:40:29 -0000 Author: rea Date: Fri Oct 31 15:40:27 2014 New Revision: 371858 URL: https://svnweb.freebsd.org/changeset/ports/371858 QAT: https://qat.redports.org/buildarchive/r371858/ Log: TWiki: fix CVE-2014-7236 This is remote Perl code execution via crafted GET variable "debugenableplugins", http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236 MFH: 2014Q4 Security: 21ce1840-6107-11e4-9e84-0022156e8794 Added: head/www/twiki/files/patch-cve-2014-7236 (contents, props changed) Modified: head/www/twiki/Makefile Modified: head/www/twiki/Makefile ============================================================================== --- head/www/twiki/Makefile Fri Oct 31 15:40:00 2014 (r371857) +++ head/www/twiki/Makefile Fri Oct 31 15:40:27 2014 (r371858) @@ -3,6 +3,7 @@ PORTNAME= twiki PORTVERSION= 5.1.4 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= www MASTER_SITES= SF/${PORTNAME}/TWiki%20for%20all%20Platforms/${DISTNAME} \ @@ -29,6 +30,8 @@ RUN_DEPENDS= \ USES= perl5 tar:tgz WRKSRC= ${WRKDIR}/twiki +USES+= cpe + post-extract: @${RM} -rf ${WRKSRC}/lib/CPAN @${CAT} ${.CURDIR}/../twiki-*/pkg-plist |\ Added: head/www/twiki/files/patch-cve-2014-7236 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/twiki/files/patch-cve-2014-7236 Fri Oct 31 15:40:27 2014 (r371858) @@ -0,0 +1,17 @@ +Obtained-from: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236 +--- lib/TWiki/Plugins.pm.save1 2014-01-09 02:10:56.000000000 -0500 ++++ lib/TWiki/Plugins.pm 2014-10-01 20:30:36.000000000 -0400 +@@ -186,8 +186,11 @@ + + unless( $allDisabled ) { + if ( $query && defined( $query->param( 'debugenableplugins' ))) { +- @pluginList = split( /[,\s]+/, +- $query->param( 'debugenableplugins' )); ++ @pluginList = ++ grep { /Plugin$/ } ++ map { s/[^a-zA-Z0-9]//go; $_ } # Item7558: Sanitize parameter ++ split( /[,\s]+/, $query->param( 'debugenableplugins' )); ++ + } else { + if( $TWiki::cfg{PluginsOrder} ) { + foreach my $plugin( split( /[,\s]+/,