pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q1]: pkgsrc/mail Pullup ticket 1684 - requested by tron
details: https://anonhg.NetBSD.org/pkgsrc/rev/1cb8278e7a9d
branches: pkgsrc-2006Q1
changeset: 510313:1cb8278e7a9d
user: salo <salo%pkgsrc.org@localhost>
date: Sun Jun 04 13:55:57 2006 +0000
description:
Pullup ticket 1684 - requested by tron
security fix for squirrelmail
Revisions pulled up:
- pkgsrc/mail/squirrelmail/Makefile 1.71, 1.73
- pkgsrc/mail/squirrelmail/distinfo 1.31, 1.32
- pkgsrc/mail/squirrelmail/patches/patch-ab 1.12
- pkgsrc/mail/squirrelmail/patches/patch-ac 1.3
- pkgsrc/mail/ja-squirrelmail/MESSAGE 1.3
- pkgsrc/mail/ja-squirrelmail/Makefile 1.27, 1.28, 1.30
- pkgsrc/mail/ja-squirrelmail/PLIST 1.4
- pkgsrc/mail/ja-squirrelmail/distinfo 1.9, 1.10, 1.11
- pkgsrc/mail/ja-squirrelmail/patches/patch-ab 1.3
- pkgsrc/mail/ja-squirrelmail/patches/patch-ac 1.3
- pkgsrc/mail/ja-squirrelmail/patches/patch-ad removed
- pkgsrc/mail/ja-squirrelmail/patches/patch-ae removed
- pkgsrc/mail/ja-squirrelmail/patches/patch-af removed
- pkgsrc/mail/ja-squirrelmail/patches/patch-ag removed
- pkgsrc/mail/ja-squirrelmail/patches/patch-ah removed
Module Name: pkgsrc
Committed By: martti
Date: Tue Apr 11 05:24:20 UTC 2006
Modified Files:
pkgsrc/mail/squirrelmail: Makefile distinfo
Added Files:
pkgsrc/mail/squirrelmail/patches: patch-ab
Log Message:
Updated mail/squirrelmail to 1.4.6nb1
* added patch for Ukrainian translation (needed by the new
* squirrelmail-locales)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri May 5 02:46:54 UTC 2006
Modified Files:
pkgsrc/mail/ja-squirrelmail: MESSAGE Makefile distinfo
Removed Files:
pkgsrc/mail/ja-squirrelmail/patches: patch-ab patch-ac patch-ad
patch-ae patch-af patch-ag patch-ah
Log Message:
Update ja-squirrelmail package to 1.4.6 after talking with martti@.
Prior to this release, there are security vulnerability the same as
squirrelmail 1.4.5.
This update made with temporary Japanese patch based on the patch
for 1.4.5.
---
Module Name: pkgsrc
Committed By: martti
Date: Fri May 5 05:32:36 UTC 2006
Modified Files:
pkgsrc/mail/ja-squirrelmail: Makefile PLIST distinfo
Added Files:
pkgsrc/mail/ja-squirrelmail/patches: patch-ab
Log Message:
Updated ja-squirrelmail to 1.4.6nb1
* sync with squirrelmail-1.4.6nb1
---
Module Name: pkgsrc
Committed By: tron
Date: Sun Jun 4 12:31:31 UTC 2006
Modified Files:
pkgsrc/mail/ja-squirrelmail: Makefile distinfo
pkgsrc/mail/squirrelmail: Makefile distinfo
Added Files:
pkgsrc/mail/ja-squirrelmail/patches: patch-ac
pkgsrc/mail/squirrelmail/patches: patch-ac
Log Message:
Add fix for security issue 2006-06-01 from SquirrelMail CVS repository.
Bump package revision.
diffstat:
mail/ja-squirrelmail/MESSAGE | 8 +++-
mail/ja-squirrelmail/Makefile | 17 ++++----
mail/ja-squirrelmail/PLIST | 20 +++++++++-
mail/ja-squirrelmail/distinfo | 23 ++++-------
mail/ja-squirrelmail/patches/patch-ab | 33 +++++++++-------
mail/ja-squirrelmail/patches/patch-ac | 70 ++++++++++++++++++++++++++--------
mail/ja-squirrelmail/patches/patch-ad | 16 --------
mail/ja-squirrelmail/patches/patch-ae | 32 ----------------
mail/ja-squirrelmail/patches/patch-af | 17 --------
mail/ja-squirrelmail/patches/patch-ag | 13 ------
mail/ja-squirrelmail/patches/patch-ah | 13 ------
mail/squirrelmail/Makefile | 4 +-
mail/squirrelmail/distinfo | 4 +-
mail/squirrelmail/patches/patch-ab | 19 +++++++++
mail/squirrelmail/patches/patch-ac | 59 +++++++++++++++++++++++++++++
15 files changed, 197 insertions(+), 151 deletions(-)
diffs (truncated from 548 to 300 lines):
diff -r 98a9b4a032bc -r 1cb8278e7a9d mail/ja-squirrelmail/MESSAGE
--- a/mail/ja-squirrelmail/MESSAGE Sun Jun 04 12:30:23 2006 +0000
+++ b/mail/ja-squirrelmail/MESSAGE Sun Jun 04 13:55:57 2006 +0000
@@ -1,5 +1,11 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.2 2005/07/20 15:43:39 taca Exp $
+$NetBSD: MESSAGE,v 1.2.6.1 2006/06/04 13:55:57 salo Exp $
+
+In order to use ja-squirrelmail package, you need to install these
+packages, too:
+
+ mail/squirrelmail-decode
+ mail/squirrelmail-locales
Please run the SquirrelMail configuration script:
diff -r 98a9b4a032bc -r 1cb8278e7a9d mail/ja-squirrelmail/Makefile
--- a/mail/ja-squirrelmail/Makefile Sun Jun 04 12:30:23 2006 +0000
+++ b/mail/ja-squirrelmail/Makefile Sun Jun 04 13:55:57 2006 +0000
@@ -1,15 +1,15 @@
-# $NetBSD: Makefile,v 1.26 2006/02/17 07:04:25 martti Exp $
+# $NetBSD: Makefile,v 1.26.2.1 2006/06/04 13:55:57 salo Exp $
-DISTNAME= squirrelmail-1.4.5
+DISTNAME= squirrelmail-1.4.6
PKGNAME= ja-${DISTNAME}
-PKGREVISION= 5
+PKGREVISION= 3
CATEGORIES= mail www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=squirrelmail/}
EXTRACT_SUFX= .tar.bz2
-PATCH_SITES= http://www.yamaai-tech.com/~masato/Download/
-PATCHFILES= squirrelmail-1.4.5-ja-20050714-patch.gz
-PATCH_DIST_STRIP= -p1
+#PATCH_SITES= http://www.yamaai-tech.com/~masato/Download/
+PATCH_SITES= ftp://ftp.back-street.net/pub/squirrelmail/
+PATCHFILES= squirrelmail-1.4.6-ja-20060504-patch
MAINTAINER= martti%NetBSD.org@localhost
HOMEPAGE= http://www.squirrelmail.jp/
@@ -25,7 +25,7 @@
USE_LANGUAGES= # empty
NO_BUILD= yes
USE_TOOLS+= perl:run
-REPLACE_PERL+= config/conf.pl config/ri_once.pl
+REPLACE_PERL+= config/conf.pl
.include "../../mk/bsd.prefs.mk"
@@ -55,7 +55,8 @@
OWN_DIRS_PERMS+= ${USER_PREFS_DIR} ${APACHE_USER} ${APACHE_GROUP} 755
SUBST_CLASSES+= paths
-SUBST_FILES.paths= ${WRKDIR}/squirrelmail.conf.dist config/config_default.php
+SUBST_FILES.paths= ${WRKDIR:Q}/squirrelmail.conf.dist
+SUBST_FILES.paths+= config/config_default.php
SUBST_SED.paths+= -e 's,@PREFIX@,${PREFIX},g'
SUBST_SED.paths+= -e 's,@ATTACHMENTS_DIR@,${ATTACHMENTS_DIR},g'
SUBST_SED.paths+= -e 's,@USER_PREFS_DIR@,${USER_PREFS_DIR},g'
diff -r 98a9b4a032bc -r 1cb8278e7a9d mail/ja-squirrelmail/PLIST
--- a/mail/ja-squirrelmail/PLIST Sun Jun 04 12:30:23 2006 +0000
+++ b/mail/ja-squirrelmail/PLIST Sun Jun 04 13:55:57 2006 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2005/07/18 07:04:24 martti Exp $
+@comment $NetBSD: PLIST,v 1.3.6.1 2006/06/04 13:55:57 salo Exp $
share/examples/squirrelmail/squirrelmail.conf
share/squirrelmail/AUTHORS
share/squirrelmail/COPYING
@@ -13,6 +13,7 @@
share/squirrelmail/class/deliver/Deliver_SendMail.class.php
share/squirrelmail/class/deliver/index.php
share/squirrelmail/class/helper/VCard.class.php
+share/squirrelmail/class/helper/index.php
share/squirrelmail/class/html.class.php
share/squirrelmail/class/index.php
share/squirrelmail/class/mime.class.php
@@ -63,12 +64,14 @@
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.3.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.3a.txt
share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.4.txt
+share/squirrelmail/doc/ReleaseNotes/1.4/Notes-1.4.5.txt
share/squirrelmail/doc/authentication.txt
share/squirrelmail/doc/db-backend.txt
share/squirrelmail/doc/ie_ssl.txt
share/squirrelmail/doc/index.html
share/squirrelmail/doc/presets.txt
share/squirrelmail/doc/russian_apache.txt
+share/squirrelmail/doc/security.txt
share/squirrelmail/doc/themes.txt
share/squirrelmail/doc/translating.txt
share/squirrelmail/doc/translating_help.txt
@@ -92,7 +95,7 @@
share/squirrelmail/functions/decode/cp1258.php
share/squirrelmail/functions/decode/cp855.php
share/squirrelmail/functions/decode/cp866.php
-share/squirrelmail/functions/decode/iso_2022_jp.php
+share/squirrelmail/functions/decode/index.php
share/squirrelmail/functions/decode/iso_8859_1.php
share/squirrelmail/functions/decode/iso_8859_10.php
share/squirrelmail/functions/decode/iso_8859_11.php
@@ -119,6 +122,7 @@
share/squirrelmail/functions/encode/cp1251.php
share/squirrelmail/functions/encode/cp1255.php
share/squirrelmail/functions/encode/cp1256.php
+share/squirrelmail/functions/encode/index.php
share/squirrelmail/functions/encode/iso_8859_1.php
share/squirrelmail/functions/encode/iso_8859_15.php
share/squirrelmail/functions/encode/iso_8859_2.php
@@ -189,6 +193,7 @@
share/squirrelmail/locale/timezones.cfg
share/squirrelmail/plugins/README.plugins
share/squirrelmail/plugins/abook_take/README
+share/squirrelmail/plugins/abook_take/index.php
share/squirrelmail/plugins/abook_take/setup.php
share/squirrelmail/plugins/abook_take/take.php
share/squirrelmail/plugins/administrator/INSTALL
@@ -223,12 +228,14 @@
share/squirrelmail/plugins/filters/bulkquery/bq.in
share/squirrelmail/plugins/filters/bulkquery/bq.out
share/squirrelmail/plugins/filters/bulkquery/bulkquery.c
+share/squirrelmail/plugins/filters/bulkquery/index.php
share/squirrelmail/plugins/filters/filters.php
share/squirrelmail/plugins/filters/index.php
share/squirrelmail/plugins/filters/options.php
share/squirrelmail/plugins/filters/setup.php
share/squirrelmail/plugins/filters/spamoptions.php
share/squirrelmail/plugins/fortune/INSTALL
+share/squirrelmail/plugins/fortune/index.php
share/squirrelmail/plugins/fortune/setup.php
share/squirrelmail/plugins/index.php
share/squirrelmail/plugins/info/README
@@ -248,6 +255,7 @@
share/squirrelmail/plugins/mail_fetch/options.php
share/squirrelmail/plugins/mail_fetch/setup.php
share/squirrelmail/plugins/make_archive.pl
+share/squirrelmail/plugins/message_details/index.php
share/squirrelmail/plugins/message_details/message_details_bottom.php
share/squirrelmail/plugins/message_details/message_details_main.php
share/squirrelmail/plugins/message_details/message_details_top.php
@@ -262,6 +270,7 @@
share/squirrelmail/plugins/newmail/sounds/Friends.wav
share/squirrelmail/plugins/newmail/sounds/MontyPython.wav
share/squirrelmail/plugins/newmail/sounds/Notify.wav
+share/squirrelmail/plugins/newmail/sounds/index.php
share/squirrelmail/plugins/newmail/testsound.php
share/squirrelmail/plugins/sent_subfolders/index.php
share/squirrelmail/plugins/sent_subfolders/setup.php
@@ -358,11 +367,13 @@
share/squirrelmail/themes/black_bean_burrito_theme.php
share/squirrelmail/themes/blue_grey_theme.php
share/squirrelmail/themes/bluesnews_theme.php
+share/squirrelmail/themes/bluesome.php
share/squirrelmail/themes/bluesteel_theme.php
share/squirrelmail/themes/christmas.php
share/squirrelmail/themes/css/comic-sans-08.css
share/squirrelmail/themes/css/comic-sans-10.css
share/squirrelmail/themes/css/comic-sans-12.css
+share/squirrelmail/themes/css/index.php
share/squirrelmail/themes/css/sans-08.css
share/squirrelmail/themes/css/sans-10.css
share/squirrelmail/themes/css/sans-12.css
@@ -403,10 +414,15 @@
share/squirrelmail/themes/seaspray_theme.php
share/squirrelmail/themes/servery_theme.php
share/squirrelmail/themes/shades_of_grey.php
+share/squirrelmail/themes/silver_steel_theme.php
+share/squirrelmail/themes/simple_green2.php
+share/squirrelmail/themes/simple_green_theme.php
+share/squirrelmail/themes/simple_purple.php
share/squirrelmail/themes/slashdot_theme.php
share/squirrelmail/themes/spice_of_life.php
share/squirrelmail/themes/spice_of_life_dark.php
share/squirrelmail/themes/spice_of_life_lite.php
+share/squirrelmail/themes/wood_theme.php
@dirrm share/squirrelmail/themes/css
@dirrm share/squirrelmail/themes
@dirrm share/squirrelmail/src
diff -r 98a9b4a032bc -r 1cb8278e7a9d mail/ja-squirrelmail/distinfo
--- a/mail/ja-squirrelmail/distinfo Sun Jun 04 12:30:23 2006 +0000
+++ b/mail/ja-squirrelmail/distinfo Sun Jun 04 13:55:57 2006 +0000
@@ -1,16 +1,11 @@
-$NetBSD: distinfo,v 1.8 2005/12/05 20:14:35 martti Exp $
+$NetBSD: distinfo,v 1.8.4.1 2006/06/04 13:55:57 salo Exp $
-SHA1 (squirrelmail-1.4.5.tar.bz2) = 48c93dd99b72b73a3ea48311152bcbc40af5cabb
-RMD160 (squirrelmail-1.4.5.tar.bz2) = 6f748e483ea1c3c94eeb849ce11a3afd90c499a0
-Size (squirrelmail-1.4.5.tar.bz2) = 480226 bytes
-SHA1 (squirrelmail-1.4.5-ja-20050714-patch.gz) = 6773c2c8122025ea1470393a53d4e8ba6e22038c
-RMD160 (squirrelmail-1.4.5-ja-20050714-patch.gz) = 5b855c3c8031d11d5ef32360790b2c2c6c4147fe
-Size (squirrelmail-1.4.5-ja-20050714-patch.gz) = 7542 bytes
+SHA1 (squirrelmail-1.4.6.tar.bz2) = b813aa9f736b4b6c41d1afd35bcbd01604e85cf7
+RMD160 (squirrelmail-1.4.6.tar.bz2) = 3cee894b392620af3e35ef1d00e35775559dd4f7
+Size (squirrelmail-1.4.6.tar.bz2) = 484099 bytes
+SHA1 (squirrelmail-1.4.6-ja-20060504-patch) = 15b17d2f1b8d9c19b01cc23bf6148ac7ee0e77ce
+RMD160 (squirrelmail-1.4.6-ja-20060504-patch) = 7cb0a584afaffe73176edd75886fe7536363aefe
+Size (squirrelmail-1.4.6-ja-20060504-patch) = 29808 bytes
SHA1 (patch-aa) = c96e85a28464c414bef744f9d1398fc9dd49549a
-SHA1 (patch-ab) = c101e77938a3c2c6cf62b62a79a63125d44dda32
-SHA1 (patch-ac) = 7d3c742e8694fb051ada1d11d1624b199d61cf5b
-SHA1 (patch-ad) = 1db2f3d91e059a26ba41e638b7fba134fb7fa1ca
-SHA1 (patch-ae) = 45578c696d9e0ff48928e81228982e5d40c86919
-SHA1 (patch-af) = 96bb58143a83b6bbeb5477fdcd470895ccae202b
-SHA1 (patch-ag) = a9cd5b779468ca7f1361c72207bbb550cd9748e3
-SHA1 (patch-ah) = 073dfa9544b8dd9ec91c4a8cba5e5b6c710e284f
+SHA1 (patch-ab) = a7648438c9764e432e5d040e8e3aebb0ab48730e
+SHA1 (patch-ac) = 393579f9276169d2c765726fb1249160a270e983
diff -r 98a9b4a032bc -r 1cb8278e7a9d mail/ja-squirrelmail/patches/patch-ab
--- a/mail/ja-squirrelmail/patches/patch-ab Sun Jun 04 12:30:23 2006 +0000
+++ b/mail/ja-squirrelmail/patches/patch-ab Sun Jun 04 13:55:57 2006 +0000
@@ -1,16 +1,19 @@
-$NetBSD: patch-ab,v 1.1 2005/12/05 09:28:44 martti Exp $
+$NetBSD: patch-ab,v 1.1.6.1 2006/06/04 13:55:57 salo Exp $
---- class/mime/Rfc822Header.class.php.orig 2005-02-06 19:33:29.000000000 -0500
-+++ class/mime/Rfc822Header.class.php
-@@ -505,8 +505,9 @@ class Rfc822Header {
- * functions/imap_messages. I'm not sure if it's ok here to call
- * that function?
- */
-- function parsePriority($value) {
-- $value = strtolower(array_shift(split('/\w/',trim($value))));
-+ function parsePriority($sValue) {
-+ $aValue = split('/\w/',trim($sValue));
-+ $value = strtolower(array_shift($aValue));
- if ( is_numeric($value) ) {
- return $value;
- }
+--- functions/i18n.php.orig 2006-02-10 22:30:31.000000000 +0200
++++ functions/i18n.php 2006-04-11 08:15:24.000000000 +0300
+@@ -834,11 +834,11 @@
+ $languages['zh_CN']['LOCALE'] = 'zh_CN.GB2312';
+ $languages['cn']['ALIAS'] = 'zh_CN';
+
+-/*
+ $languages['uk_UA']['NAME'] = 'Ukrainian';
+-$languages['uk_UA']['CHARSET'] = 'koi8-u';
++$languages['uk_UA']['CHARSET'] = 'utf-8';
++$languages['uk_UA']['LOCALE'] = array('uk_UA.UTF-8','uk_UA','uk');
+ $languages['uk']['ALIAS'] = 'uk_UA';
+-*/
++
+ /*
+ $languages['vi_VN']['NAME'] = 'Vietnamese';
+ $languages['vi_VN']['CHARSET'] = 'utf-8';
diff -r 98a9b4a032bc -r 1cb8278e7a9d mail/ja-squirrelmail/patches/patch-ac
--- a/mail/ja-squirrelmail/patches/patch-ac Sun Jun 04 12:30:23 2006 +0000
+++ b/mail/ja-squirrelmail/patches/patch-ac Sun Jun 04 13:55:57 2006 +0000
@@ -1,23 +1,59 @@
-$NetBSD: patch-ac,v 1.1 2005/12/05 09:28:44 martti Exp $
+$NetBSD: patch-ac,v 1.1.6.1 2006/06/04 13:55:57 salo Exp $
---- functions/imap_messages.php.orig 2005-04-16 13:45:38.000000000 -0400
-+++ functions/imap_messages.php
-@@ -476,8 +476,9 @@ function parseArray($read,&$i) {
- * NOTE: this is actually a duplicate from the function in
- * class/mime/Rfc822Header.php.
- */
--function parsePriority($value) {
-- $value = strtolower(array_shift(split('/\w/',trim($value))));
-+function parsePriority($sValue) {
-+ $aValue=split('/\w/',trim($sValue));
-+ $value = strtolower(array_shift($aValue));
- if ( is_numeric($value) ) {
- return $value;
- }
-@@ -915,4 +916,4 @@ function sqimap_get_small_header($imap_s
- return $res[0];
+--- functions/global.php.orig 2006-02-03 22:27:47.000000000 +0000
++++ functions/global.php 2006-06-04 13:22:14.000000000 +0100
+@@ -62,6 +62,47 @@
+ sqstripslashes($_POST);
}
++/**
++ * If register_globals are on, unregister globals.
++ * Code requires PHP 4.1.0 or newer.
++ * Second test covers boolean set as string (php_value register_globals off).
++ */
++if ((bool) @ini_get('register_globals') &&
++ strtolower(ini_get('register_globals'))!='off') {
++ /**
++ * Remove all globals from $_GET, $_POST, and $_COOKIE.
++ */
++ foreach ($_REQUEST as $key => $value) {
++ unset($GLOBALS[$key]);
++ }
++ /**
++ * Remove globalized $_FILES variables
++ * Before 4.3.0 $_FILES are included in $_REQUEST.
++ * Unglobalize them in separate call in order to remove dependency
++ * on PHP version.
++ */
++ foreach ($_FILES as $key => $value) {
++ unset($GLOBALS[$key]);
++ // there are three undocumented $_FILES globals.
++ unset($GLOBALS[$key.'_type']);
++ unset($GLOBALS[$key.'_name']);
++ unset($GLOBALS[$key.'_size']);
++ }
Home |
Main Index |
Thread Index |
Old Index