Your message dated Wed, 10 Sep 2014 10:40:15 +0000
with message-id <[email protected]>
and subject line Bug#761008: Removed package(s) from unstable
has caused the Debian Bug report #481894,
regarding torrentflux cannot browse into directories with special characters
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
481894: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481894
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: torrentflux
Version: 2.3-9
Severity: important
Tags: patch
Since time and a day torrentflux is unable to browse into directories
with names containing php special characters like & and '.
Attached is a patch to fix this.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-3-686 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages torrentflux depends on:
hi bittornado 0.3.18-5 bittorrent client with enhanced cu
ii dbconfig-common 1.8.38 common framework for packaging dat
ii debconf [debconf-2.0] 1.5.21 Debian configuration management sy
ii libapache-mod-php4 6:4.4.4-9 server-side, HTML-embedded scripti
ii libapache2-mod-php5 5.2.5-3 server-side, HTML-embedded scripti
ii libphp-adodb 5.04a-1 The ADOdb database abstraction lay
ii php4-mysql 6:4.4.4-9 MySQL module for php4
ii php5-mysql 5.2.5-3 MySQL module for php5
ii python 2.5.2-1 An interactive high-level object-o
ii zip 2.32-1 Archiver for .zip files
Versions of packages torrentflux recommends:
ii mysql-client 5.0.51a-6 MySQL database client (meta packag
ii mysql-client-5.0 [mysql-clien 5.0.51a-6 MySQL database client binaries
ii mysql-server 5.0.51a-6 MySQL database server (meta packag
ii mysql-server-5.0 [mysql-serve 5.0.51a-6 MySQL database server binaries
-- debconf information:
* torrentflux/dbconfig-install: true
torrentflux/upgrade-backup: true
* torrentflux/dbconfig-upgrade: true
torrentflux/passwords-do-not-match:
torrentflux/performing_upgrade: false
torrentflux/remove-error: abort
torrentflux/mysql/method: unix socket
torrentflux/unsupported-webserver:
* torrentflux/upgrade_to_21:
torrentflux/internal/reconfiguring: false
torrentflux/remote/port:
torrentflux/dbconfig-reinstall: false
* torrentflux/restart-webserver: false
torrentflux/import-oldsettings:
torrentflux/mysql/admin-user: root
torrentflux/missing-db-package-error: abort
torrentflux/internal/skip-preseed: false
torrentflux/purge: false
torrentflux/upgrade-error: abort
torrentflux/install-error: abort
torrentflux/remote/host:
* torrentflux/dbconfig-remove: true
torrentflux/remote/newhost:
torrentflux/database-type: mysql
torrentflux/db/app-user: torrentflux
torrentflux/db/dbname: torrentflux
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
*** dir.php 2008-05-08 01:38:06.000000000 +0200
--- dir.modified.php 2007-11-14 10:52:47.992541972 +0100
***************
*** 31,37 ****
$del = getRequestVar('del');
$down = getRequestVar('down');
$tar = getRequestVar('tar');
! $dir = stripslashes(urldecode(getRequestVar('dir')));
if (strpos(stripslashes($dir),"../")===false) {} else {echo "Can't go to parent directories!";exit;}
// Are we to delete something?
--- 31,39 ----
$del = getRequestVar('del');
$down = getRequestVar('down');
$tar = getRequestVar('tar');
! //$dir = stripslashes(urldecode(getRequestVar('dir')));
! $dir = stripslashes(getRequestVar('dir'));
! $dir = html_entity_decode($dir, ENT_QUOTES);
if (strpos(stripslashes($dir),"../")===false) {} else {echo "Can't go to parent directories!";exit;}
// Are we to delete something?
***************
*** 52,57 ****
--- 54,60 ----
// "test/tester's file/test.txt"
$del = stripslashes(stripslashes($del));
+ $del = html_entity_decode($del, ENT_QUOTES);
if (!ereg("(\.\.\/)", $del))
{
***************
*** 75,81 ****
AuditAction($cfg["constants"]["error"], "ILLEGAL DELETE: ".$cfg['user']." tried to delete ".$del);
}
! header("Location: dir.php?dir=".urlencode($current));
}
// Are we to download something?
--- 78,84 ----
AuditAction($cfg["constants"]["error"], "ILLEGAL DELETE: ".$cfg['user']." tried to delete ".$del);
}
! header("Location: dir.php?dir=".rawurlencode($current));
}
// Are we to download something?
***************
*** 92,97 ****
--- 95,101 ----
// "test/tester's file/test.txt"
$down = stripslashes(stripslashes($down));
+ $down = html_entity_decode($down, ENT_QUOTES);
if (!ereg("(\.\.\/)", $down))
{
***************
*** 136,142 ****
{
AuditAction($cfg["constants"]["error"], "ILLEGAL DOWNLOAD: ".$cfg['user']." tried to download ".$down);
}
! header("Location: dir.php?dir=".urlencode($current));
}
// Are we to download something?
--- 140,146 ----
{
AuditAction($cfg["constants"]["error"], "ILLEGAL DOWNLOAD: ".$cfg['user']." tried to download ".$down);
}
! header("Location: dir.php?dir=".rawurlencode($current));
}
// Are we to download something?
***************
*** 153,158 ****
--- 157,163 ----
// "test/tester's file/test.txt"
$tar = stripslashes(stripslashes($tar));
+ $tar = html_entity_decode($tar, ENT_QUOTES);
if (!ereg("(\.\.\/)", $tar))
{
***************
*** 214,220 ****
{
AuditAction($cfg["constants"]["error"], "ILLEGAL TAR DOWNLOAD: ".$cfg['user']." tried to download ".$tar);
}
! header("Location: dir.php?dir=".urlencode($current));
}
if ($dir == "")
--- 219,225 ----
{
AuditAction($cfg["constants"]["error"], "ILLEGAL TAR DOWNLOAD: ".$cfg['user']." tried to download ".$tar);
}
! header("Location: dir.php?dir=".rawurlencode($current));
}
if ($dir == "")
***************
*** 271,277 ****
if (!file_exists($cfg["path"].$dir))
{
! echo "<strong>".htmlentities($dir)."</strong> could not be found or is not valid.";
}
else
{
--- 276,282 ----
if (!file_exists($cfg["path"].$dir))
{
! echo "<strong>".$dir."</strong> could not be found or is not valid.";
}
else
{
***************
*** 304,310 ****
//get the real parentURL
if (preg_match("/^(.+)\/.+$/",$dir,$matches) == 1)
{
! $parentURL="dir.php?dir=" . urlencode($matches[1]);
}
echo "<table cellpadding=2 width=740>";
--- 309,315 ----
//get the real parentURL
if (preg_match("/^(.+)\/.+$/",$dir,$matches) == 1)
{
! $parentURL="dir.php?dir=" . rawurlencode($matches[1]);
}
echo "<table cellpadding=2 width=740>";
***************
*** 332,350 ****
{
if (@is_dir($dirName.$entry))
{
! echo "<tr bgcolor=\"".$bg."\"><td><a href=\"dir.php?dir=".urlencode($dir.$entry)."\"><img src=\"images/folder2.gif\" width=\"16\" height=\"16\" title=\"".$entry."\" border=\"0\" align=\"absmiddle\">".$entry."</a></td>";
echo "<td> </td>";
echo "<td> </td>";
echo "<td align=\"right\">";
if ($cfg["enable_maketorrent"])
{
! echo "<a href=\"JavaScript:MakeTorrent('maketorrent.php?path=".urlencode($dir.$entry)."')\"><img src=\"images/make.gif\" width=16 height=16 title=\"Make Torrent\" border=0></a>";
}
if ($cfg["enable_file_download"])
{
! echo "<a href=\"dir.php?tar=".urlencode($dir.$entry)."\"><img src=\"images/tar_down.gif\" width=16 height=16 title=\"Download as ".$cfg["package_type"]."\" border=0></a>";
}
// The following lines of code were suggested by Jody Steele [email protected]
--- 337,355 ----
{
if (@is_dir($dirName.$entry))
{
! echo "<tr bgcolor=\"".$bg."\"><td><a href=\"dir.php?dir=".rawurlencode($dir.$entry)."\"><img src=\"images/folder2.gif\" width=\"16\" height=\"16\" title=\"".$entry."\" border=\"0\" align=\"absmiddle\">".$entry."</a></td>";
echo "<td> </td>";
echo "<td> </td>";
echo "<td align=\"right\">";
if ($cfg["enable_maketorrent"])
{
! echo "<a href=\"JavaScript:MakeTorrent('maketorrent.php?path=".rawurlencode($dir.$entry)."')\"><img src=\"images/make.gif\" width=16 height=16 title=\"Make Torrent\" border=0></a>";
}
if ($cfg["enable_file_download"])
{
! echo "<a href=\"dir.php?tar=".rawurlencode($dir.$entry)."\"><img src=\"images/tar_down.gif\" width=16 height=16 title=\"Download as ".$cfg["package_type"]."\" border=0></a>";
}
// The following lines of code were suggested by Jody Steele [email protected]
***************
*** 353,360 ****
// the ability to delete sub directories
if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$dir))
{
! echo "<a href=\"dir.php?del=".urlencode($dir.$entry)."\" onclick=\"return ConfirmDelete('".addslashes($entry)."')\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\""._DELETE."\" border=0></a>";
! echo "<input type=\"checkbox\" name=\"file[]\" value=\"".urlencode($dir.$entry)."\">";
}
else
{
--- 358,365 ----
// the ability to delete sub directories
if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$dir))
{
! echo "<a href=\"dir.php?del=".rawurlencode($dir.$entry)."\" onclick=\"return ConfirmDelete('".addslashes($entry)."')\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\""._DELETE."\" border=0></a>";
! echo "<input type=\"checkbox\" name=\"file[]\" value=\"".rawurlencode($dir.$entry)."\">";
}
else
{
***************
*** 423,431 ****
if ($cfg["enable_file_download"])
{
// Yes, let them download
! echo "<a href=\"dir.php?down=".urlencode($dir.$entry)."\" >";
echo "<img src=\"".$image."\" width=\"16\" height=\"16\" alt=\"".$entry."\" border=\"0\"></a>";
! echo "<a href=\"dir.php?down=".urlencode($dir.$entry)."\" >".$entry."</a>";
}
else
{
--- 428,436 ----
if ($cfg["enable_file_download"])
{
// Yes, let them download
! echo "<a href=\"dir.php?down=".rawurlencode($dir.$entry)."\" >";
echo "<img src=\"".$image."\" width=\"16\" height=\"16\" alt=\"".$entry."\" border=\"0\"></a>";
! echo "<a href=\"dir.php?down=".rawurlencode($dir.$entry)."\" >".$entry."</a>";
}
else
{
***************
*** 441,458 ****
if( $cfg["enable_view_nfo"] && (( substr( strtolower($entry), -4 ) == ".nfo" ) || ( substr( strtolower($entry), -4 ) == ".txt" )) )
{
! echo "<a href=\"viewnfo.php?path=".urlencode(addslashes($dir.$entry))."\"><img src=\"images/view_nfo.gif\" width=16 height=16 title=\"View '$entry'\" border=0></a>";
}
if ($cfg["enable_maketorrent"])
{
! echo "<a href=\"JavaScript:MakeTorrent('maketorrent.php?path=".urlencode($dir.$entry)."')\"><img src=\"images/make.gif\" width=16 height=16 title=\"Make Torrent\" border=0></a>";
}
if ($cfg["enable_file_download"])
{
// Show the download button
! echo "<a href=\"dir.php?down=".urlencode($dir.$entry)."\" >";
echo "<img src=\"images/download_owner.gif\" width=16 height=16 title=\"Download\" border=0>";
echo "</a>";
}
--- 446,463 ----
if( $cfg["enable_view_nfo"] && (( substr( strtolower($entry), -4 ) == ".nfo" ) || ( substr( strtolower($entry), -4 ) == ".txt" )) )
{
! echo "<a href=\"viewnfo.php?path=".rawurlencode(addslashes($dir.$entry))."\"><img src=\"images/view_nfo.gif\" width=16 height=16 title=\"View '$entry'\" border=0></a>";
}
if ($cfg["enable_maketorrent"])
{
! echo "<a href=\"JavaScript:MakeTorrent('maketorrent.php?path=".rawurlencode($dir.$entry)."')\"><img src=\"images/make.gif\" width=16 height=16 title=\"Make Torrent\" border=0></a>";
}
if ($cfg["enable_file_download"])
{
// Show the download button
! echo "<a href=\"dir.php?down=".rawurlencode($dir.$entry)."\" >";
echo "<img src=\"images/download_owner.gif\" width=16 height=16 title=\"Download\" border=0>";
echo "</a>";
}
***************
*** 463,470 ****
// the ability to delete files
if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$dir))
{
! echo "<a href=\"dir.php?del=".urlencode($dir.$entry)."\" onclick=\"return ConfirmDelete('".addslashes($entry)."')\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\""._DELETE."\" border=0></a>";
! echo "<input type=\"checkbox\" name=\"file[]\" value=\"".urlencode($dir.$entry)."\">";
}
else
{
--- 468,475 ----
// the ability to delete files
if(IsAdmin($cfg["user"]) || preg_match("/^" . $cfg["user"] . "/",$dir))
{
! echo "<a href=\"dir.php?del=".rawurlencode($dir.$entry)."\" onclick=\"return ConfirmDelete('".addslashes($entry)."')\"><img src=\"images/delete_on.gif\" width=16 height=16 title=\""._DELETE."\" border=0></a>";
! echo "<input type=\"checkbox\" name=\"file[]\" value=\"".rawurlencode($dir.$entry)."\">";
}
else
{
--- End Message ---
--- Begin Message ---
Version: 2.4-5.1+rm
Dear submitter,
as the package torrentflux has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/761008
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)
--- End Message ---
