[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/, www-apps/websvn/files/, profiles/
commit: 35123aec38bbe8638bdfd2c6606b65fdd25a04b6 Author: Jakov Smolić gentoo org> AuthorDate: Sat Dec 11 16:09:17 2021 + Commit: Jakov Smolić gentoo org> CommitDate: Sat Dec 11 16:09:17 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=35123aec www-apps/websvn: treeclean Closes: https://bugs.gentoo.org/672352 Bug: https://bugs.gentoo.org/794511 Signed-off-by: Jakov Smolić gentoo.org> profiles/package.mask | 5 -- www-apps/websvn/Manifest | 1 - .../websvn/files/13_security_CVE-2013-6892.patch | 39 -- www-apps/websvn/files/30_CVE-2016-2511.patch | 11 www-apps/websvn/files/31_CVE-2016-1236.patch | 61 -- www-apps/websvn/metadata.xml | 13 - www-apps/websvn/websvn-2.3.3-r1.ebuild | 53 --- 7 files changed, 183 deletions(-)
diff --git a/profiles/package.mask b/profiles/package.mask
index 15b0289eead3..fc05bf0806df 100644
--- a/profiles/package.mask
+++ b/profiles/package.mask
@@ -389,11 +389,6 @@ dev-java/trident
 dev-java/okio
 dev-java/moshi
-# John Helmert III (2021-11-12)
-# Unfixed code execution bug, unmaintained in Gentoo.
-# Removal on 2021-12-11, bugs #672352, #794511.
-www-apps/websvn
-
 # Mart Raudsepp (2021-11-11)
 # Needs testing to ensure valac-0.54 works for existing packages
 >=dev-libs/vala-common-0.53
diff --git a/www-apps/websvn/Manifest b/www-apps/websvn/Manifest
deleted file mode 100644
index e7b9173421a2..
--- a/www-apps/websvn/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST websvn-2.3.3.tar.gz 882779 BLAKE2B e851bdd8cf42c34202c8416b5f63d0b4b6731f082d1103eaf21689bd65ddb11d8ed2d9d1a8e476d2c342db9b59bc7dea37ae0c9eb929a8c8298dfa3965da34ce SHA512 8c77a9770dfc3c9487793cd71c460d4048aa4aa7b8520a53eea8ae872f30e06d885f849d63fa0e9f61ed5923f9dd9c5ef1f3c4f020afaa83d7815a99d64818a0
diff --git a/www-apps/websvn/files/13_security_CVE-2013-6892.patch b/www-apps/websvn/files/13_security_CVE-2013-6892.patch
deleted file mode 100644
index ffb14e84aa11..
--- a/www-apps/websvn/files/13_security_CVE-2013-6892.patch
+++ /dev/null
@@ -1,39 +0,0 @@ -Arbitrary files with a known path can be accessed in websvn by committing a -symlink to a repository and then downloading the file (using the download -link). - -Author: Thijs Kinkhorst - -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775682 - -diff -ur oud/dl.php nieuw/dl.php oud/dl.php 2015-01-18 16:03:30.688791512 +0100 -+++ nieuw/dl.php 2015-01-18 16:27:00.950897749 +0100 -@@ -137,6 +137,18 @@ - exit(0); - } - -+ // For security reasons, disallow direct downloads of filenames that -+ // are a symlink, since they may be a symlink to anywhere (/etc/passwd) -+ // Deciding whether the symlink is relative and legal within the -+ // repository would be nice but seems to error prone at this moment. -+ if ( is_link($tempDir.DIRECTORY_SEPARATOR.$archiveName) ) { -+ header('HTTP/1.x 500 Internal Server Error', true, 500); -+ error_log('to be downloaded file is symlink, aborting: '.$archiveName); -+ print 'Download of symlinks disallowed: "'.xml_entities($archiveName).'".'; -+ removeDirectory($tempDir); -+ exit(0); -+ } -+ - // Set timestamp of exported directory (and subdirectories) to timestamp of - // the revision so every archive of a given revision has the same timestamp. - $revDate = $logEntry->date; -@@ -180,7 +192,7 @@ - $downloadMimeType = 'application/x-zip'; - $downloadArchive .= '.zip'; - // Create zip file -- $cmd = $config->zip.' -r '.quote($downloadArchive).' '.quote($archiveName); -+ $cmd = $config->zip.' --symlinks -r '.quote($downloadArchive).' '.quote($archiveName); - execCommand($cmd, $retcode); - if ($retcode != 0) { - error_log('Unable to call zip command: '.$cmd); diff --git a/www-apps/websvn/files/30_CVE-2016-2511.patch b/www-apps/websvn/files/30_CVE-2016-2511.patch deleted file mode 100644 index 9c270bbc4582.. --- a/www-apps/websvn/files/30_CVE-2016-2511.patch +++ /dev/null 
@@ -1,11 +0,0 @@ orig/include/setup.php 2016-02-19 16:02:05.674756241 +0100 -+++ new/include/setup.php 2016-02-19 16:02:10.166832543 +0100 -@@ -467,7 +467,7 @@ - $vars['validationurl'] = getFullURL($_SERVER['SCRIPT_NAME']).'?'.buildQuery($queryParams + array('template' => $template, 'language' => $language), '%26'); - - // To avoid a possible XSS exploit, need to clean up the passed-in path first --$path = !empty($_REQUEST['path']) ? $_REQUEST['path'] : null; -+$path = !empty($_REQUEST['path']) ? escape($_REQUEST['path']) : null; - if ($path === null || $path === '') - $path = '/'; - $vars['safepath'] = escape($path); diff --git
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 5153f7feef7cba5dd3de9b254ee1f7f0139021ba Author: Sam James gentoo org> AuthorDate: Sun Jan 10 22:14:10 2021 + Commit: Sam James gentoo org> CommitDate: Sun Jan 10 22:27:51 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5153f7fe www-apps/websvn: mark ALLARCHES Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Sam James gentoo.org> www-apps/websvn/metadata.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/www-apps/websvn/metadata.xml b/www-apps/websvn/metadata.xml index b925333babf..6acd325f386 100644 --- a/www-apps/websvn/metadata.xml +++ b/www-apps/websvn/metadata.xml @@ -5,6 +5,7 @@ web-a...@gentoo.org Gentoo Webapps + Add enscript support to colorize code stored in the repository
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 4da6387ff82c57eb97f10c7ec1edbb6dbb45b457 Author: Michał Górny gentoo org> AuthorDate: Tue Nov 13 11:41:24 2018 + Commit: Michał Górny gentoo org> CommitDate: Wed Nov 28 09:58:23 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4da6387f www-apps/websvn: Make USE=enscript a local flag Signed-off-by: Michał Górny gentoo.org> www-apps/websvn/metadata.xml | 4 1 file changed, 4 insertions(+) diff --git a/www-apps/websvn/metadata.xml b/www-apps/websvn/metadata.xml index 23492929dea..bcf1012b79d 100644 --- a/www-apps/websvn/metadata.xml +++ b/www-apps/websvn/metadata.xml @@ -5,6 +5,10 @@ web-a...@gentoo.org Gentoo Webapps + + Add enscript support to colorize code + stored in the repository + Web based Subversion repository browser written in PHP
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 804196e1f28457f9538c4b234b43e21befb83dcf Author: Aaron Bauman gentoo org> AuthorDate: Mon Jan 16 04:37:29 2017 + Commit: Aaron Bauman gentoo org> CommitDate: Mon Jan 16 04:37:29 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=804196e1 www-apps/websvn: security cleanup wrt bug #552684 Package-Manager: portage-2.3.0 www-apps/websvn/Manifest| 1 - www-apps/websvn/websvn-2.3.2.ebuild | 54 - 2 files changed, 55 deletions(-)
diff --git a/www-apps/websvn/Manifest b/www-apps/websvn/Manifest
index c23ef53..d275104 100644
--- a/www-apps/websvn/Manifest
+++ b/www-apps/websvn/Manifest
@@ -1,2 +1 @@
-DIST websvn-2.3.2.tar.gz 846511 SHA256 d2e6e65c1ca8c51e036b2229f144fe22cd13c005a080326a99eef48453855bdc SHA512 fd5b902c8d9c518ca5800e259fdc4d3f0e59753db8efb63fc91baea4dae6ca3a537f04b70e928427e07da9868855826686e094885b671cf578b7f50e8da39df3 WHIRLPOOL 25478ae264ecd7c13d02eea8fbadf1c856b078961ce56647036c0cc5ce8b2d0187a973f13c05f1f7ca9a76200827f09e1a71e5502f0a158b987d5e8bc08b481b
 DIST websvn-2.3.3.tar.gz 882779 SHA256 67d5cb7ffb087f8a92e3dcad10f16612baac4d15a60d659aa8b6e06200ac8742 SHA512 8c77a9770dfc3c9487793cd71c460d4048aa4aa7b8520a53eea8ae872f30e06d885f849d63fa0e9f61ed5923f9dd9c5ef1f3c4f020afaa83d7815a99d64818a0 WHIRLPOOL efd59ddbe6a84d2b0bce9286271627e485c77b93dd0ad998ecaa4bad8bfb246f62508c3e1d6183194b9f64313f223bb44fc8d8fdf0c1f176efb808b3cbf7e7d9
diff --git a/www-apps/websvn/websvn-2.3.2.ebuild b/www-apps/websvn/websvn-2.3.2.ebuild
deleted file mode 100644
index f6cb952..
--- a/www-apps/websvn/websvn-2.3.2.ebuild
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="2"
-
-inherit eutils webapp
-
-MY_P="${P//_/}"
-
-DESCRIPTION="Web-based browsing tool for Subversion (SVN) repositories in PHP"
-HOMEPAGE="http://www.websvn.info/ http://websvn.tigris.org/;
-DOWNLOAD_NUMBER="48737"
-SRC_URI="http://websvn.tigris.org/files/documents/1380/${DOWNLOAD_NUMBER}/${MY_P}.tar.gz;
-
-LICENSE="GPL-2"
-IUSE="enscript"
-KEYWORDS="amd64 ppc ppc64 ~sparc x86"
-
-DEPEND="virtual/httpd-php"
-RDEPEND="dev-vcs/subversion
- enscript? ( app-text/enscript )
- virtual/httpd-php"
-RESTRICT="mirror"
-
-need_httpd_cgi
-
-S="${WORKDIR}/${MY_P}"
-
-pkg_setup() {
- webapp_pkg_setup
- has_php
- require_php_with_use xml
-}
-
-src_install() {
- webapp_src_preinst
-
- mv include/{dist,}config.php
-
- dodoc changes.txt || die "dodoc failed"
- dohtml doc/* || die "dohtml failed"
- rm -rf license.txt changes.txt doc/
-
- insinto "${MY_HTDOCSDIR}"
- doins -r . || die "doins failed"
-
- webapp_configfile "${MY_HTDOCSDIR}"/include/config.php
- webapp_configfile "${MY_HTDOCSDIR}"/wsvn.php
-
- webapp_serverowned "${MY_HTDOCSDIR}"/cache
-
- webapp_src_install
-}
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: b57cf7f122206d924675cbf201d9fc3a1cbcba49 Author: Jeroen Roovers gentoo org> AuthorDate: Fri Nov 4 13:19:11 2016 + Commit: Jeroen Roovers gentoo org> CommitDate: Fri Nov 4 13:19:11 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b57cf7f1 www-apps/websvn: Stable for PPC64 (bug #552684). Package-Manager: portage-2.3.2 RepoMan-Options: --ignore-arches www-apps/websvn/websvn-2.3.3-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www-apps/websvn/websvn-2.3.3-r1.ebuild b/www-apps/websvn/websvn-2.3.3-r1.ebuild
index 0b5b357..f0cd0dc 100644
--- a/www-apps/websvn/websvn-2.3.3-r1.ebuild
+++ b/www-apps/websvn/websvn-2.3.3-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="http://websvn.tigris.org/files/documents/1380/${DOWNLOAD_NUMBER}/${MY_P
 LICENSE="GPL-2"
 IUSE="enscript"
-KEYWORDS="amd64 ~ppc ~ppc64 ~sparc x86"
+KEYWORDS="amd64 ~ppc ppc64 ~sparc x86"
 DEPEND=""
 RDEPEND="dev-lang/php:*[xml]
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 7c747d5c999150159d3f722de58d9932ee63ef14 Author: Agostino Sarubbo gentoo org> AuthorDate: Wed Oct 26 10:13:23 2016 + Commit: Agostino Sarubbo gentoo org> CommitDate: Wed Oct 26 10:13:23 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7c747d5c www-apps/websvn: x86 stable wrt bug #552684 Package-Manager: portage-2.3.0 RepoMan-Options: --include-arches="x86" Signed-off-by: Agostino Sarubbo gentoo.org> www-apps/websvn/websvn-2.3.3-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www-apps/websvn/websvn-2.3.3-r1.ebuild b/www-apps/websvn/websvn-2.3.3-r1.ebuild
index 676b7db..0b5b357 100644
--- a/www-apps/websvn/websvn-2.3.3-r1.ebuild
+++ b/www-apps/websvn/websvn-2.3.3-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="http://websvn.tigris.org/files/documents/1380/${DOWNLOAD_NUMBER}/${MY_P
 LICENSE="GPL-2"
 IUSE="enscript"
-KEYWORDS="amd64 ~ppc ~ppc64 ~sparc ~x86"
+KEYWORDS="amd64 ~ppc ~ppc64 ~sparc x86"
 DEPEND=""
 RDEPEND="dev-lang/php:*[xml]
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 5aab8e3bb2a9e33a873899754c2c5355749d676f Author: Agostino Sarubbo gentoo org> AuthorDate: Wed Oct 26 10:12:23 2016 + Commit: Agostino Sarubbo gentoo org> CommitDate: Wed Oct 26 10:12:23 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5aab8e3b www-apps/websvn: amd64 stable wrt bug #552684 Package-Manager: portage-2.3.0 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo gentoo.org> www-apps/websvn/websvn-2.3.3-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www-apps/websvn/websvn-2.3.3-r1.ebuild b/www-apps/websvn/websvn-2.3.3-r1.ebuild
index 27275ad..676b7db 100644
--- a/www-apps/websvn/websvn-2.3.3-r1.ebuild
+++ b/www-apps/websvn/websvn-2.3.3-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="http://websvn.tigris.org/files/documents/1380/${DOWNLOAD_NUMBER}/${MY_P
 LICENSE="GPL-2"
 IUSE="enscript"
-KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86"
+KEYWORDS="amd64 ~ppc ~ppc64 ~sparc ~x86"
 DEPEND=""
 RDEPEND="dev-lang/php:*[xml]
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 64a932e34afd0526899980ba45fd887e0c4cf813 Author: Brian Evans gentoo org> AuthorDate: Mon Aug 15 13:02:05 2016 + Commit: Brian Evans gentoo org> CommitDate: Mon Aug 15 13:02:05 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=64a932e3 www-apps/websvn: Drop depend.php eclass and insert the DEPENDs it added This effectively does not change the vdb as the DEPEND and RDEPEND values are the same as they were previously Package-Manager: portage-2.3.0 www-apps/websvn/websvn-2.3.2.ebuild | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/www-apps/websvn/websvn-2.3.2.ebuild b/www-apps/websvn/websvn-2.3.2.ebuild
index b01c38a..f6cb952 100644
--- a/www-apps/websvn/websvn-2.3.2.ebuild
+++ b/www-apps/websvn/websvn-2.3.2.ebuild
@@ -1,10 +1,10 @@
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 EAPI="2"
-inherit depend.php eutils webapp
+inherit eutils webapp
 MY_P="${P//_/}"
@@ -17,13 +17,13 @@ LICENSE="GPL-2"
 IUSE="enscript"
 KEYWORDS="amd64 ppc ppc64 ~sparc x86"
-DEPEND=""
+DEPEND="virtual/httpd-php"
 RDEPEND="dev-vcs/subversion
- enscript? ( app-text/enscript )"
+ enscript? ( app-text/enscript )
+ virtual/httpd-php"
 RESTRICT="mirror"
 need_httpd_cgi
-need_php_httpd
 S="${WORKDIR}/${MY_P}"
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/
commit: 035bbc024415e995d8ffb968a547dc28ca1cccf8 Author: Brian Evans gentoo org> AuthorDate: Thu Aug 11 18:25:15 2016 + Commit: Brian Evans gentoo org> CommitDate: Thu Aug 11 18:26:32 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=035bbc02 www-apps/websvn: Drop old Package-Manager: portage-2.3.0 www-apps/websvn/websvn-2.3.3.ebuild | 54 - 1 file changed, 54 deletions(-)
diff --git a/www-apps/websvn/websvn-2.3.3.ebuild b/www-apps/websvn/websvn-2.3.3.ebuild
deleted file mode 100644
index f49970f..000
--- a/www-apps/websvn/websvn-2.3.3.ebuild
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="2"
-
-inherit depend.php eutils webapp
-
-MY_P="${P//_/}"
-
-DESCRIPTION="Web-based browsing tool for Subversion (SVN) repositories in PHP"
-HOMEPAGE="http://www.websvn.info/ http://websvn.tigris.org/;
-DOWNLOAD_NUMBER="49056"
-SRC_URI="http://websvn.tigris.org/files/documents/1380/${DOWNLOAD_NUMBER}/${MY_P}.tar.gz;
-
-LICENSE="GPL-2"
-IUSE="enscript"
-KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86"
-
-DEPEND=""
-RDEPEND="dev-vcs/subversion
- enscript? ( app-text/enscript )"
-RESTRICT="mirror"
-
-need_httpd_cgi
-need_php_httpd
-
-S="${WORKDIR}/${MY_P}"
-
-pkg_setup() {
- webapp_pkg_setup
- has_php
- require_php_with_use xml
-}
-
-src_install() {
- webapp_src_preinst
-
- mv include/{dist,}config.php
-
- dodoc changes.txt || die "dodoc failed"
- dohtml doc/* || die "dohtml failed"
- rm -rf license.txt changes.txt doc/
-
- insinto "${MY_HTDOCSDIR}"
- doins -r . || die "doins failed"
-
- webapp_configfile "${MY_HTDOCSDIR}"/include/config.php
- webapp_configfile "${MY_HTDOCSDIR}"/wsvn.php
-
- webapp_serverowned "${MY_HTDOCSDIR}"/cache
-
- webapp_src_install
-}
[gentoo-commits] repo/gentoo:master commit in: www-apps/websvn/files/, www-apps/websvn/
commit: 196fa9022f136bcbd82ab6f52a8d4c617b0603d6 Author: Brian Evans gentoo org> AuthorDate: Thu Aug 11 18:21:29 2016 + Commit: Brian Evans gentoo org> CommitDate: Thu Aug 11 18:26:27 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=196fa902 www-apps/websvn: Non-maintainer security revision bump and EAPI cleanup Remove the deprecated depend.php wrt bug 552838 Include Debian security patches wrt bug 552684, bug 575486, and bug 582234 Package-Manager: portage-2.3.0 .../websvn/files/13_security_CVE-2013-6892.patch | 39 ++ www-apps/websvn/files/30_CVE-2016-2511.patch | 11 www-apps/websvn/files/31_CVE-2016-1236.patch | 61 ++ www-apps/websvn/websvn-2.3.3-r1.ebuild | 54 +++ 4 files changed, 165 insertions(+)
diff --git a/www-apps/websvn/files/13_security_CVE-2013-6892.patch b/www-apps/websvn/files/13_security_CVE-2013-6892.patch
new file mode 100644
index 000..ffb14e8
--- /dev/null
+++ b/www-apps/websvn/files/13_security_CVE-2013-6892.patch
@@ -0,0 +1,39 @@ +Arbitrary files with a known path can be accessed in websvn by committing a +symlink to a repository and then downloading the file (using the download +link). + +Author: Thijs Kinkhorst+ +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775682 + +diff -ur oud/dl.php nieuw/dl.php +--- oud/dl.php 2015-01-18 16:03:30.688791512 +0100 nieuw/dl.php 2015-01-18 16:27:00.950897749 +0100 +@@ -137,6 +137,18 @@ + exit(0); + } + ++ // For security reasons, disallow direct downloads of filenames that ++ // are a symlink, since they may be a symlink to anywhere (/etc/passwd) ++ // Deciding whether the symlink is relative and legal within the ++ // repository would be nice but seems to error prone at this moment. ++ if ( is_link($tempDir.DIRECTORY_SEPARATOR.$archiveName) ) { ++ header('HTTP/1.x 500 Internal Server Error', true, 500); ++ error_log('to be downloaded file is symlink, aborting: '.$archiveName); ++ print 'Download of symlinks disallowed: "'.xml_entities($archiveName).'".'; ++ removeDirectory($tempDir); ++ exit(0); ++ } ++ + // Set timestamp of exported directory (and subdirectories) to timestamp of + // the revision so every archive of a given revision has the same timestamp. + $revDate = $logEntry->date; +@@ -180,7 +192,7 @@ + $downloadMimeType = 'application/x-zip'; + $downloadArchive .= '.zip'; + // Create zip file +- $cmd = $config->zip.' -r '.quote($downloadArchive).' '.quote($archiveName); ++ $cmd = $config->zip.' --symlinks -r '.quote($downloadArchive).' '.quote($archiveName); + execCommand($cmd, $retcode); + if ($retcode != 0) { + error_log('Unable to call zip command: '.$cmd); diff --git a/www-apps/websvn/files/30_CVE-2016-2511.patch b/www-apps/websvn/files/30_CVE-2016-2511.patch new file mode 100644 index 000..9c270bb --- /dev/null +++ b/www-apps/websvn/files/30_CVE-2016-2511.patch 
@@ -0,0 +1,11 @@ +--- orig/include/setup.php 2016-02-19 16:02:05.674756241 +0100 new/include/setup.php 2016-02-19 16:02:10.166832543 +0100 +@@ -467,7 +467,7 @@ + $vars['validationurl'] = getFullURL($_SERVER['SCRIPT_NAME']).'?'.buildQuery($queryParams + array('template' => $template, 'language' => $language), '%26'); + + // To avoid a possible XSS exploit, need to clean up the passed-in path first +-$path = !empty($_REQUEST['path']) ? $_REQUEST['path'] : null; ++$path = !empty($_REQUEST['path']) ? escape($_REQUEST['path']) : null; + if ($path === null || $path === '') + $path = '/'; + $vars['safepath'] = escape($path); diff --git a/www-apps/websvn/files/31_CVE-2016-1236.patch b/www-apps/websvn/files/31_CVE-2016-1236.patch new file mode 100644 index 000..13ff2be --- /dev/null +++ b/www-apps/websvn/files/31_CVE-2016-1236.patch @@ -0,0 +1,61 @@ +Description: CVE-2016-1236: XSS via directory or file in a repository containing XSS payload +Origin: vendor +Forwarded: no +Author: Nitin Venkatesh +Reviewed-by: Salvatore Bonaccorso +Last-Update: 2016-05-08 + +--- a/revision.php b/revision.php +@@ -145,7 +145,7 @@ if ($rep) { + } + $resourceExisted = $change->action == 'M' || $change->copyfrom; + $listing[] = array( +- 'path' => $change->path, ++ 'path' => escape($change->path), + 'oldpath' => $change->copyfrom ? $change->copyfrom.' @ '.$change->copyrev : '', + 'action' => $change->action, + 'added' => $change->action == 'A', +--- a/log.php b/log.php +@@ -323,6 +323,9 @@ if ($rep) { +