Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-0.7.git;a=commitdiff;h=c44342ba7a72394122b27d05ffde53f3146e2200
commit c44342ba7a72394122b27d05ffde53f3146e2200 Author: voroskoi <[EMAIL PROTECTED]> Date: Tue Jan 22 10:21:39 2008 +0100 joomla-1.0.13-2sayshell1-x86_64 added CVE-2007-5427.diff, closes #2487 diff --git a/source/network-extra/joomla/CVE-2007-5427.diff b/source/network-extra/joomla/CVE-2007-5427.diff new file mode 100644 index 0000000..f012105 --- /dev/null +++ b/source/network-extra/joomla/CVE-2007-5427.diff @@ -0,0 +1,13 @@ +--- components/com_search/search.html.php 2008/01/04 04:49:28 9849 ++++ components/com_search/search.html.php 2008/01/04 05:56:34 9850 +@@ -127,8 +127,9 @@ + $searchphrase = strtolower( strval( mosGetParam( $_REQUEST, 'searchphrase', 'any' ) ) ); + + $searchphrase = htmlspecialchars($searchphrase); ++ $cleanWord = htmlspecialchars($searchword); + +- $link = $mosConfig_live_site ."/index.php?option=$option&Itemid=$Itemid&searchword=$searchword&searchphrase=$searchphrase&ordering=$ordering"; ++ $link = $mosConfig_live_site ."/index.php?option=$option&Itemid=$Itemid&searchword=$cleanWord&searchphrase=$searchphrase&ordering=$ordering"; + echo $pageNav->getLimitBox( $link ); + ?> + </div> diff --git a/source/network-extra/joomla/FrugalBuild b/source/network-extra/joomla/FrugalBuild index f0b5fd6..8292e2f 100644 --- a/source/network-extra/joomla/FrugalBuild +++ b/source/network-extra/joomla/FrugalBuild @@ -3,7 +3,7 @@ pkgname=joomla pkgver=1.0.13 -pkgrel=1 +pkgrel=2sayshell1 pkgdesc="One of the most powerful Open Source Content Management Systems on the planet" url="http://www.joomla.org/"; rodepends=('apache' 'php' 'mysql' 'webappconfig') @@ -12,12 +12,15 @@ archs=('i686' 'x86_64') up2date="lynx -dump http://www.joomla.org/content/blogcategory/32/66/|grep 'Stable version is'|sed 's/.*\[ *\([0-9.]\+\) *\]/\1/'" backup=(var/www/joomla/configuration.php) source=(http://joomlacode.org/gf/download/frsrelease/4508/13216/Joomla_$pkgver-Stable-Full_Package.tar.gz \ - joomlasetup README.Frugalware) + joomlasetup README.Frugalware CVE-2007-5427.diff) sha1sums=('91934fe13e65ccb679ba50db1962449c306211df' \ '436fa260a2750e2394eb23f1504757bdb8045af1' \ - 'c079d041113ca5302340955027a5e313bee47f4a') + 'c079d041113ca5302340955027a5e313bee47f4a' \ + '044d0443f13a71893bb1626a690386a7c39514df') build() { + _F_cd_path="." + Fpatchall sed -i "s/#__/jos_/g" installation/sql/joomla.sql || Fdie sed -i "s/#__/jos_/g" installation/sql/sample_data.sql || Fdie Fmkdir /var/www/joomla _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
