head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.2 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.1.0.4 pkgsrc-2013Q1-base:1.1 pkgsrc-2012Q4:1.1.0.2; locks; strict; comment @# @; 1.2 date 2013.04.02.16.00.10; author taca; state dead; branches; next 1.1; 1.1 date 2013.01.21.12.43.23; author taca; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2013.01.21.12.43.23; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2013.01.23.20.18.31; author tron; state Exp; branches; next ; desc @@ 1.2 log @Update phpldapadmin to 1.2.3. * There was a mistake in patches/patch-lib_functions.php, droping "ssha" password type. 2012-10-01 Release 1.2.3 master RELEASE-1.2.3 2012-10-01 Update template to show multiselect values 2012-09-06 Language update from launchpad for 1.2.3 (also see #30) 2012-09-05 SF Bug #3531956 - Search / Show Attributes must be lowercase 2012-09-05 SF Bug #3518548 - Missing attributes on some custom forms 2012-09-05 SF Bug #3513210 - Export to VCARD only exports the last entry in the list 2012-09-05 SF Bug #3510648 - Cannot copy between servers 2012-09-05 SF Bug #3510114 - Unable to check passwords when samba hashes are in lowercase 2012-09-05 SF Bug #3452416 - templates non-functional 2012-09-05 SF Bug #3427748 - value id is ignored in select attribute 2012-09-04 SF Bug #3448530 - Treat krbExtraData and krbPrincipalKe as binary 2012-09-02 SF Bug #3497660 - XSS flaws via 'export', 'add_value_form' and 'dn' variables 2012-09-02 SF Bug #3426575 - clicking 'logout' does not unset _SESSION['ACTIVITY'] 2012-09-01 SF Feature #3555472 - User-friendly items in entry chooser window. 2012-09-01 SF Feature #3509651 - Add support for SHA512 with OpenLDAP 2012-08-29 SF Patch #3469148 - Display mass edit actions as buttons 2012-01-24 SF Bug #3477910 - XSS vulnerability in query @ text @$NetBSD: patch-htdocs_logout.php,v 1.1 2013/01/21 12:43:23 taca Exp $ o Unset $_SESSION['ACTIVITY'] on logout from repository, 88d41216f957f98bb0a22b1af779df964580fd5c. --- htdocs/logout.php.orig 2011-10-27 02:07:09.000000000 +0000 +++ htdocs/logout.php @@@@ -11,13 +11,16 @@@@ require './common.php'; -if ($app['server']->logout()) +if ($app['server']->logout()) { + unset($_SESSION['ACTIVITY'][$app['server']->getIndex()]); + system_message(array( - 'title'=>_('Authenticate to server'), + 'title'=>_('Logout from Server'), 'body'=>_('Successfully logged out of server.'), 'type'=>'info'), sprintf('index.php?server_id=%s',$app['server']->getIndex())); -else + +} else system_message(array( 'title'=>_('Failed to Logout of server'), 'body'=>_('Please report this error to the admins.'), @ 1.1 log @Add some patches from development repository. * Add fix for CVE-2012-1114/CVE-2012-1115 from repository. * Unset $_SESSION['ACTIVITY'] on logout from repository. * Fix XSS in query from repository. * Add support for SHA512 with OpenLDAP from repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-htdocs_logout.php was added on branch pkgsrc-2012Q4 on 2013-01-23 20:18:31 +0000 @ text @d1 27 @ 1.1.2.2 log @Pullup ticket #4033 - requested by taca pkgsrc/databases/phpldapadmin: security patch Revisions pulled up: - databases/phpldapadmin/Makefile 1.34 - databases/phpldapadmin/distinfo 1.12-1.13 - databases/phpldapadmin/patches/patch-htdocs_add__value__form.php 1.1 - databases/phpldapadmin/patches/patch-htdocs_export.php 1.1 - databases/phpldapadmin/patches/patch-htdocs_logout.php 1.1 - databases/phpldapadmin/patches/patch-lib_QueryRender.php 1.1-1.2 - databases/phpldapadmin/patches/patch-lib_export__functions.php 1.1 - databases/phpldapadmin/patches/patch-lib_functions.php 1.1 --- Module Name: pkgsrc Committed By: taca Date: Mon Jan 21 12:43:23 UTC 2013 Modified Files: pkgsrc/databases/phpldapadmin: Makefile distinfo Added Files: pkgsrc/databases/phpldapadmin/patches: patch-htdocs_add__value__form.php patch-htdocs_export.php patch-htdocs_logout.php patch-lib_QueryRender.php patch-lib_export__functions.php patch-lib_functions.php Log Message: Add some patches from development repository. * Add fix for CVE-2012-1114/CVE-2012-1115 from repository. * Unset $_SESSION['ACTIVITY'] on logout from repository. * Fix XSS in query from repository. * Add support for SHA512 with OpenLDAP from repository. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: obache Date: Tue Jan 22 11:49:33 UTC 2013 Modified Files: pkgsrc/databases/phpldapadmin: distinfo pkgsrc/databases/phpldapadmin/patches: patch-lib_QueryRender.php Log Message: Note CVE-2012-0834 @ text @a0 27 $NetBSD$ o Unset $_SESSION['ACTIVITY'] on logout from repository, 88d41216f957f98bb0a22b1af779df964580fd5c. --- htdocs/logout.php.orig 2011-10-27 02:07:09.000000000 +0000 +++ htdocs/logout.php @@@@ -11,13 +11,16 @@@@ require './common.php'; -if ($app['server']->logout()) +if ($app['server']->logout()) { + unset($_SESSION['ACTIVITY'][$app['server']->getIndex()]); + system_message(array( - 'title'=>_('Authenticate to server'), + 'title'=>_('Logout from Server'), 'body'=>_('Successfully logged out of server.'), 'type'=>'info'), sprintf('index.php?server_id=%s',$app['server']->getIndex())); -else + +} else system_message(array( 'title'=>_('Failed to Logout of server'), 'body'=>_('Please report this error to the admins.'), @