pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2005Q3]: pkgsrc/www/horde3 Pullup ticket 930 - requested by Ad...
details: https://anonhg.NetBSD.org/pkgsrc/rev/75ff9a19d72c
branches: pkgsrc-2005Q3
changeset: 499708:75ff9a19d72c
user: salo <salo%pkgsrc.org@localhost>
date: Sat Nov 26 15:33:00 2005 +0000
description:
Pullup ticket 930 - requested by Adrian Portelli
security fix for horde3
Revisions pulled up:
- pkgsrc/www/horde3/Makefile 1.11, 1.12
- pkgsrc/www/horde3/PLIST 1.5, 1.6
- pkgsrc/www/horde3/distinfo 1.5, 1.6, 1.7
- pkgsrc/www/horde3/patches/patch-aa 1.1
Module Name: pkgsrc
Committed By: ben
Date: Wed Oct 12 16:32:26 UTC 2005
Modified Files:
pkgsrc/www/horde3: distinfo
Added Files:
pkgsrc/www/horde3/patches: patch-aa
Log Message:
su-based authentication was OS-specific and broken on NetBSD.
Fix su-based authentication. This addresses PR#31260.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Oct 13 18:13:22 UTC 2005
Modified Files:
pkgsrc/www/horde3: Makefile PLIST distinfo
Log Message:
Update to horde 3.0.5
From the CHANGELOG:
> ------
> v3.0.5
> ------
>
> [mms] Fix VFS's autocreatePath() for directory paths containing
> the root directory.
> [jan] Fix cyrsql authentication driver with unixhierarchysep enabled
> (sgrondin%csbf.qc.ca@localhost, Bug 2367).
> [mms] Fix nested IMAP AND searches.
> [mms] In sql VFS driver, allow the use of '/' at the beginning of
> a path to indicate the base directory.
> [jan] Fix returning to last page after sending problem report (Bug
> 2350).
> [mms] Fix a bug that caused hook code to be run unnecessarily after
> a user is already logged in.
>
>
> ----------
> v3.0.5-RC2
> ----------
>
> [cjh] Fix a far-reaching DataTree bug in loading parent ids (Bug
> 2203).
>
>
> ----------
> v3.0.5-RC1
> ----------
>
> [jan] Add Bosnian translation (Vedran Ljubovic
> <vljubovic%smartnet.ba@localhost>).
> [cjh] Let Horde_Tree handle all indent calculation based on
> parent/child relationships (Bug 2198).
> [cjh] Add initial LDAP SessionHandler driver.
> [cjh] Use row-level locking or transactions where possible to avoid
> session corruption in SessionHandler (Bug 1580).
> [mms] Add the memcached SessionHandler:: driver (Rong-En Fan
> <rafan%csie.org@localhost>).
> [mms] Fix verification of MIME strings with escaped quotes (Bug 2168).
> [jan] Fix generation of free periods in free/busy code with
> overlapping events.
> [jan] Don't show Options button in problem reporting page.
> [jan] Add Util::realPath() method.
> [mas] Include version numbers for applications on Admin Setup screen.
> (Bug 1420)
> [mas] Change IMAP Auth driver to use imap/notls by default in non-DSN
> mode to match DSN mode.
> [mas] Add tls and self-signed certificate configuration options to
> IMAP Auth driver. (Bug 1357)
> [cjh] Recognize Opera 8+ as providing advanced features (Bug 2066).
> [cjh] Fix reading of binary files on Windows in VC_svn (Bug 2036).
> [mas] Fix SQL 'LIKE' case-insensitive comparison. (Bug 2030)
> [jan] Allow charset aware IMAP searches.
> [jan] Fix Google search block for non-ascii characters (Bug 1329).
> [jan] Add quick-install instructions.
> [jan] Improve performance of several framework packages.
> [mms] Fix MIME_Contents:: caching in PHP 5 (Bug 1410).
> [jan] Fix VC SVN backend to support user names with spaces
> (shimmanning%gmail.com@localhost, Bug 1919).
> [cjh] Escape HTML in identity names (Bug 1910).
> [mas] Use updated PostgreSQL function names.
> [ben] Update application list in horde's LDAP schema
> [cjh] Enforce maxlength restrictions in Horde_Form validation (Bug
> 1895).
> [jan] Disable weather.com Block if not configured.
> [cjh] Include sourceroot in VC cache keys (Bug 1783).
> [jan] Add SQL script and instructions for MSDE databases (Bugs 1862,
> 1870, jeff%image-src.com@localhost).
> [jan] Allow portal blocks to be larger than two column/rows (Bugs
> 1189, 1632).
> [jan] Add SMTP authentication to problem reporting (Bug 1128).
> [jan] Support help files in admin directory with translations.php
> (Bug 1344).
> [jan] Fixed SQL binding for ODBC and MSSQL drivers (Bug 1816).
> [jan] Add configuration option to set location of MIME magic database.
> [mms] Make sure headers in a MIME_Part are encoded with the same
> character set used in that MIME_Part (Bug 1591).
> [mms] Add List-Headers listed in RFC 2369 to the list of MIME Headers
> that can only appear once in a single header (Bug 1766).
> [cjh] Fix typo in parsing of FREEBUSY data (Bug 1590).
> [jan] Support SQLite and Oracle in all SQL backend configurations.
> [cjh] Use bind variables in the Auth, VFS, and SessionHandler SQL
> drivers, and in scripts/remove_prefs.php (selsky%columbia.edu@localhost,
> Bugs 1665, 1666, 1667, 1668, 1677).
> [cjh] session_set_cookie_params() expects a relative timeout;
> setcookie wants absolute. Go back to a configinteger for
> $conf['session']['timeout'] and add time() to that value in
> setcookie() calls (Bugs 1302, 1658).
> THIS MAY BREAK CONFIGURATIONS SET TO USE PHP CODE. MAKE SURE TO
> UPDATE YOUR $conf['session']['timeout'] SETTING AFTER UPGRADING.
> [cjh] Use bind variables in the Prefs and Token SQL drivers
> (selsky%columbia.edu@localhost, Bugs 1652, 1653).
> [mms] Prune expanded folders that no longer exist in IMAP_Tree
> (Bug 1517).
> [cjh] Don't try to compress output if ZPS compression is on (Bug
> 1626).
> [cjh] If an app only has one prefGroup, always show that prefGroup
> instead of showing an overview screen with only one entry.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Fri Nov 25 20:59:16 UTC 2005
Modified Files:
pkgsrc/www/horde3: Makefile PLIST distinfo
Log Message:
Update to horde 3.0.7
From the CHANGES:
> Major changes compared to the Horde version 3.0.5 are:
> * Fixed sidebar menu layout with Opera browsers.
> * Fixed calendar popup with Safari browsers.
> * Fixed blank screens with Internet Explorer browsers after logins.
> * Fixed warnings with PHP 4.4.0 and 5.0.5.
> * Added ability to enable and disable IMSP globally.
> * Fixed URL generation with some PHP CGI setups.
> * Fixed sharing with groups if using group hooks.
> * Updated Finnish, French, German, Hungarian, Korean, Polish, Slovak,
> Turkish, and Traditional Chinese translations.
> * Minor improvements and bug fixes.
>
> Major changes compared to the Horde version 3.0.6 are:
> * Fixed cross site scripting vulnerabilities in the gzip/tar and css
> MIME
> viewers.
> * Fixed MySQL session handler.
diffstat:
www/horde3/Makefile | 8 ++----
www/horde3/PLIST | 48 +++++++++++++++++++++++---------------------
www/horde3/distinfo | 9 ++++---
www/horde3/patches/patch-aa | 13 ++++++++++++
4 files changed, 46 insertions(+), 32 deletions(-)
diffs (247 lines):
diff -r b3eed91dc3b7 -r 75ff9a19d72c www/horde3/Makefile
--- a/www/horde3/Makefile Sat Nov 26 15:08:42 2005 +0000
+++ b/www/horde3/Makefile Sat Nov 26 15:33:00 2005 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.10 2005/08/19 18:12:39 jlam Exp $
+# $NetBSD: Makefile,v 1.10.2.1 2005/11/26 15:33:00 salo Exp $
-DISTNAME= horde-3.0.4
-PKGREVISION= 1
+DISTNAME= horde-3.0.7
CATEGORIES= www
MASTER_SITES= ftp://ftp.horde.org/pub/horde/tarballs/
@@ -73,6 +72,7 @@
.include "../../mk/apache.mk"
do-build:
+ @${RM} ${WRKSRC}/lib/Horde/Auth/login.php.orig
@${CP} ${FILESDIR}/horde.conf.dist ${WRKSRC}/horde.conf.dist
@${CP} ${WRKSRC}/config/conf.xml ${WRKSRC}/config/conf.xml.dist
@${FIND} ${WRKSRC} -name .htaccess -print | ${XARGS} ${RM} -f
@@ -91,12 +91,10 @@
. for d in ${PAXDIRS}
${INSTALL_DATA_DIR} ${HORDEDIR}/${d}
. endfor
-. undef d
. for d in ${PAXDIRS}
cd ${WRKSRC}/${d} && ${PAX} -rw . ${HORDEDIR}/${d}
. endfor
-. undef d
${INSTALL_DATA} ${WRKSRC}/config/*.dist ${HORDEDIR}/config
${INSTALL_DATA} ${WRKSRC}/*.php ${HORDEDIR}
diff -r b3eed91dc3b7 -r 75ff9a19d72c www/horde3/PLIST
--- a/www/horde3/PLIST Sat Nov 26 15:08:42 2005 +0000
+++ b/www/horde3/PLIST Sat Nov 26 15:33:00 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2005/03/30 21:58:08 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.4.4.1 2005/11/26 15:33:00 salo Exp $
share/doc/horde/CHANGES
share/doc/horde/CODING_STANDARDS
share/doc/horde/CONTRIBUTING
@@ -40,16 +40,19 @@
share/horde/config/prefs.php.dist
share/horde/config/registry.php.dist
share/horde/index.php
+share/horde/js/addEvent.php
share/horde/js/alphaImageLoader.php
share/horde/js/enter_key_trap.js
share/horde/js/form_assign.js
share/horde/js/form_helpers.js
share/horde/js/hideable.js
share/horde/js/httpclient.js
+share/horde/js/ieEscGuard.js
share/horde/js/image.js
share/horde/js/open_colorpicker.js
share/horde/js/popup.js
share/horde/js/sorter.js
+share/horde/js/stripe.js
share/horde/js/tooltip.js
share/horde/lib/Block/color.php
share/horde/lib/Block/fortune.php
@@ -59,6 +62,7 @@
share/horde/lib/Block/moon.php
share/horde/lib/Block/sunrise.php
share/horde/lib/Block/time.php
+share/horde/lib/Block/weatherdotcom_strings.php
share/horde/lib/Block/weatherdotcom.php
share/horde/lib/File/PDF.php
share/horde/lib/File/PDF/fonts/courier.php
@@ -202,7 +206,6 @@
share/horde/lib/Horde/MIME/Viewer/enriched.php
share/horde/lib/Horde/MIME/Viewer/enscript.php
share/horde/lib/Horde/MIME/Viewer/html.php
-share/horde/lib/Horde/MIME/Viewer/icalendar.php
share/horde/lib/Horde/MIME/Viewer/images.php
share/horde/lib/Horde/MIME/Viewer/msexcel.php
share/horde/lib/Horde/MIME/Viewer/mspowerpoint.php
@@ -286,7 +289,10 @@
share/horde/lib/Horde/Serialize.php
share/horde/lib/Horde/SessionHandler.php
share/horde/lib/Horde/SessionHandler/dbm.php
+share/horde/lib/Horde/SessionHandler/ldap.php
+share/horde/lib/Horde/SessionHandler/memcached.php
share/horde/lib/Horde/SessionHandler/mysql.php
+share/horde/lib/Horde/SessionHandler/none.php
share/horde/lib/Horde/SessionHandler/oci8.php
share/horde/lib/Horde/SessionHandler/pgsql.php
share/horde/lib/Horde/SessionHandler/sapdb.php
@@ -295,29 +301,26 @@
share/horde/lib/Horde/Share.php
share/horde/lib/Horde/String.php
share/horde/lib/Horde/SyncML.php
+share/horde/lib/Horde/SyncML/Backend.php
share/horde/lib/Horde/SyncML/Command.php
share/horde/lib/Horde/SyncML/Command/Alert.php
share/horde/lib/Horde/SyncML/Command/Final.php
share/horde/lib/Horde/SyncML/Command/Get.php
share/horde/lib/Horde/SyncML/Command/Map.php
share/horde/lib/Horde/SyncML/Command/Put.php
-share/horde/lib/Horde/SyncML/Command/Replace.php
share/horde/lib/Horde/SyncML/Command/Results.php
share/horde/lib/Horde/SyncML/Command/Status.php
share/horde/lib/Horde/SyncML/Command/Sync.php
-share/horde/lib/Horde/SyncML/Command/Sync/Add.php
-share/horde/lib/Horde/SyncML/Command/Sync/ContentSyncElement.php
-share/horde/lib/Horde/SyncML/Command/Sync/Delete.php
-share/horde/lib/Horde/SyncML/Command/Sync/Replace.php
-share/horde/lib/Horde/SyncML/Command/Sync/SyncElement.php
+share/horde/lib/Horde/SyncML/Command/SyncElement.php
+share/horde/lib/Horde/SyncML/Constants.php
+share/horde/lib/Horde/SyncML/Device.php
+share/horde/lib/Horde/SyncML/Device/P800.php
+share/horde/lib/Horde/SyncML/Device/Sync4j.php
+share/horde/lib/Horde/SyncML/Device/Synthesis.php
+share/horde/lib/Horde/SyncML/DeviceInfo.php
+share/horde/lib/Horde/SyncML/ResultsSender.php
share/horde/lib/Horde/SyncML/State.php
share/horde/lib/Horde/SyncML/Sync.php
-share/horde/lib/Horde/SyncML/Sync/OneWayFromClientSync.php
-share/horde/lib/Horde/SyncML/Sync/OneWayFromServerSync.php
-share/horde/lib/Horde/SyncML/Sync/RefreshFromClientSync.php
-share/horde/lib/Horde/SyncML/Sync/RefreshFromServerSync.php
-share/horde/lib/Horde/SyncML/Sync/SlowSync.php
-share/horde/lib/Horde/SyncML/Sync/TwoWaySync.php
share/horde/lib/Horde/Template.php
share/horde/lib/Horde/Text.php
share/horde/lib/Horde/Text/Filter.php
@@ -423,6 +426,7 @@
share/horde/lib/prefs.php
share/horde/lib/version.php
share/horde/locale/ar_SY/LC_MESSAGES/horde.mo
+share/horde/locale/bs_BA/LC_MESSAGES/horde.mo
share/horde/locale/bg_BG/LC_MESSAGES/horde.mo
share/horde/locale/bg_BG/help.xml
share/horde/locale/ca_ES/LC_MESSAGES/horde.mo
@@ -440,6 +444,7 @@
share/horde/locale/et_EE/LC_MESSAGES/horde.mo
share/horde/locale/et_EE/help.xml
share/horde/locale/fa_IR/LC_MESSAGES/horde.mo
+share/horde/locale/fa_IR/help.xml
share/horde/locale/fi_FI/LC_MESSAGES/horde.mo
share/horde/locale/fi_FI/help.xml
share/horde/locale/fr_FR/LC_MESSAGES/horde.mo
@@ -489,6 +494,7 @@
share/horde/login.php
share/horde/po/README
share/horde/po/ar_SY.po
+share/horde/po/bs_BA.po
share/horde/po/bg_BG.po
share/horde/po/ca_ES.po
share/horde/po/cs_CZ.po
@@ -529,6 +535,7 @@
share/horde/rpc.php
share/horde/scripts/SCRIPTS
share/horde/scripts/create-symlinks.php
+share/horde/scripts/sql/create.msde.sql
share/horde/scripts/crond
share/horde/scripts/get_login.php
share/horde/scripts/http_login_refer.php
@@ -682,10 +689,6 @@
share/horde/templates/admin/user/remove.inc
share/horde/templates/admin/user/removequeued.inc
share/horde/templates/admin/user/update.inc
-share/horde/templates/categorytree/rowend.inc
-share/horde/templates/categorytree/rowstart.inc
-share/horde/templates/categorytree/tablefoot.inc
-share/horde/templates/categorytree/tablehead.inc
share/horde/templates/common-footer.inc
share/horde/templates/common-header.inc
share/horde/templates/contents/open_view_win.js
@@ -1314,8 +1317,6 @@
share/horde/themes/simplex/info.php
share/horde/themes/simplex/screen.css
share/horde/util/barcode.php
-share/horde/util/google_example.php
-share/horde/util/icon_browser.php
share/horde/util/regex_test.php
@dirrm share/horde/util
@dirrm share/horde/themes/simplex/graphics
@@ -1376,7 +1377,6 @@
@dirrm share/horde/templates/help
@dirrm share/horde/templates/data
@dirrm share/horde/templates/contents
-@dirrm share/horde/templates/categorytree
@dirrm share/horde/templates/admin/user
@dirrm share/horde/templates/admin/setup
@dirrm share/horde/templates/admin/groups
@@ -1480,6 +1480,8 @@
@dirrm share/horde/locale/ca_ES
@dirrm share/horde/locale/bg_BG/LC_MESSAGES
@dirrm share/horde/locale/bg_BG
+@dirrm share/horde/locale/bs_BA/LC_MESSAGES
+@dirrm share/horde/locale/bs_BA
@dirrm share/horde/locale/ar_SY/LC_MESSAGES
@dirrm share/horde/locale/ar_SY
@dirrm share/horde/locale
@@ -1518,8 +1520,7 @@
@dirrm share/horde/lib/Horde/Text/tests
@dirrm share/horde/lib/Horde/Text/Filter
@dirrm share/horde/lib/Horde/Text
-@dirrm share/horde/lib/Horde/SyncML/Sync
-@dirrm share/horde/lib/Horde/SyncML/Command/Sync
+@dirrm share/horde/lib/Horde/SyncML/Device
@dirrm share/horde/lib/Horde/SyncML/Command
@dirrm share/horde/lib/Horde/SyncML
@dirrm share/horde/lib/Horde/SessionHandler
@@ -1563,6 +1564,7 @@
@dirrm share/horde/lib/File/PDF
@dirrm share/horde/lib/File/tests
@dirrm share/horde/lib/File
+@dirrm share/horde/lib/data
@dirrm share/horde/lib/Block
@dirrm share/horde/lib
@dirrm share/horde/js
diff -r b3eed91dc3b7 -r 75ff9a19d72c www/horde3/distinfo
--- a/www/horde3/distinfo Sat Nov 26 15:08:42 2005 +0000
+++ b/www/horde3/distinfo Sat Nov 26 15:33:00 2005 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.4 2005/03/30 21:58:08 adrianp Exp $
+$NetBSD: distinfo,v 1.4.4.1 2005/11/26 15:33:00 salo Exp $
-SHA1 (horde-3.0.4.tar.gz) = fce8a397653f6b5030dc1b5c2cb247e29a1dc70e
-RMD160 (horde-3.0.4.tar.gz) = ebc24fbdb7b76c4301b54fdb46205147b150ce18
-Size (horde-3.0.4.tar.gz) = 3378143 bytes
+SHA1 (horde-3.0.7.tar.gz) = e50db0bd1d349cac47b247699a00ae6dad11f7ff
+RMD160 (horde-3.0.7.tar.gz) = 3232f4e4df3a8c6438a68efbf300aeea66f30ef5
+Size (horde-3.0.7.tar.gz) = 3746081 bytes
+SHA1 (patch-aa) = 9edb110586805d5efd84541b9d3821889967e785
diff -r b3eed91dc3b7 -r 75ff9a19d72c www/horde3/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/horde3/patches/patch-aa Sat Nov 26 15:33:00 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.1.2.2 2005/11/26 15:33:00 salo Exp $
+
+--- lib/Horde/Auth/login.php.orig 2005-03-29 02:59:56.000000000 -0800
++++ lib/Horde/Auth/login.php
+@@ -88,7 +88,7 @@ class Auth_login extends Auth {
+ Horde::fatal(_("No password provided for Login authentication."), __FILE__, __LINE__);
+ }
+
+- $proc = popen($this->_location . ' -c /bin/true ' . $userId, 'w');
++ $proc = popen($this->_location . ' ' . $userId . ' -c exit 0', 'w');
+ if (!is_resource($proc)) {
+ return false;
+ }
Home |
Main Index |
Thread Index |
Old Index