head 1.2; access; symbols pkgsrc-2017Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2017.05.21.07.16.49; author ryoon; state dead; branches; next 1.1; commitid K1wsbRl2VeXE6eSz; 1.1 date 2017.04.17.09.57.14; author maya; state Exp; branches 1.1.2.1; next ; commitid KU2CCoRd22lN4SNz; 1.1.2.1 date 2017.04.17.09.57.14; author bsiegert; state dead; branches; next 1.1.2.2; commitid fjdxkrEEGFiv3UNz; 1.1.2.2 date 2017.04.17.15.52.46; author bsiegert; state Exp; branches; next ; commitid fjdxkrEEGFiv3UNz; desc @@ 1.2 log @Update to 2.4.1 * This version works with PHP 7.1.5 Changelog: 2.4.1: 0022428: [markdown] CSV and Excel exports with markdown on (vboctor) 0022906: [security] CVE-2017-7620: Open redirection vulnerability in /login_page.php (dregad) 0022909: [security] CVE-2017-7620: CSRF - Arbitrary Permalink Injection (dregad) 0022867: [markdown] Markdown formatting is broken for notes column on View Issues page (vboctor) 2.4.0: 0021558: [ui] log destination for page produces messed output (syncguru) 0022665: [documentation] Wrong documentation of option bug_resolution_fixed_threshold (atrol) 0022689: [bugtracker] HTTP_X_FORWARDED_PROTO is not honored when loading Gravatar (vboctor) 0022744: [signup] Signup is not working on mantisbt.org/bugs (vboctor) 0022740: [performance] Allowed memory size of 268435456 bytes exhausted (vboctor) 0004235: [authentication] Support Generic Authentication through Plug-ins (vboctor) 0022140: [administration] Getting error dialog when reporting issues and file upload is disabled (cproensa) 0022635: [time tracking] Empty notes with time tracking show as empty notes for users that can't view time tracking (vboctor) 0022673: [attachments] Dropzone uploads files when submitting other forms (cproensa) 0022762: [api rest] Bug in error handling when user doesn't have access level to handle issue (vboctor) @ text @$NetBSD: patch-verify.php,v 1.1 2017/04/17 09:57:14 maya Exp $ Patch CVE-2017-7615 from http://www.mantisbt.org/blog/?p=518 --- 
verify.php.orig 2016-08-28 04:50:59.000000000 +0000 +++ verify.php @@@@ -63,7 +63,7 @@@@ if( auth_is_user_authenticated() ) { $t_token_confirm_hash = token_get_value( TOKEN_ACCOUNT_ACTIVATION, $f_user_id ); -if( $f_confirm_hash != $t_token_confirm_hash ) { +if( $t_token_confirm_hash == null || $f_confirm_hash !== $t_token_confirm_hash ) { trigger_error( ERROR_LOST_PASSWORD_CONFIRM_HASH_INVALID, ERROR ); } @ 1.1 log @mantisBT: patch CVE-2017-7615, allowing any user to authenticate as admin using upstream provided patch. XXX THIS IS THE WRONG FIX, PACKAGE SHOULD BE UPDATED TO LATEST VERSION bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-verify.php was added on branch pkgsrc-2017Q1 on 2017-04-17 15:52:46 +0000 @ text @d1 16 @ 1.1.2.2 log @Pullup ticket #5300 - requested by maya devel/mantis: security fix Revisions pulled up: - devel/mantis/Makefile 1.49 - devel/mantis/distinfo 1.20 - devel/mantis/patches/patch-verify.php 1.1 --- Module Name: pkgsrc Committed By: maya Date: Mon Apr 17 09:57:14 UTC 2017 Modified Files: pkgsrc/devel/mantis: Makefile distinfo Added Files: pkgsrc/devel/mantis/patches: patch-verify.php Log Message: mantisBT: patch CVE-2017-7615, allowing any user to authenticate as admin using upstream provided patch. XXX THIS IS THE WRONG FIX, PACKAGE SHOULD BE UPDATED TO LATEST VERSION bump PKGREVISION @ text @a0 16 $NetBSD: patch-verify.php,v 1.1 2017/04/17 09:57:14 maya Exp $ Patch CVE-2017-7615 from http://www.mantisbt.org/blog/?p=518 --- verify.php.orig 2016-08-28 04:50:59.000000000 +0000 +++ verify.php @@@@ -63,7 +63,7 @@@@ if( auth_is_user_authenticated() ) { $t_token_confirm_hash = token_get_value( TOKEN_ACCOUNT_ACTIVATION, $f_user_id ); -if( $f_confirm_hash != $t_token_confirm_hash ) { +if( $t_token_confirm_hash == null || $f_confirm_hash !== $t_token_confirm_hash ) { trigger_error( ERROR_LOST_PASSWORD_CONFIRM_HASH_INVALID, ERROR ); } @
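Review bot: the new condition mixes a loose `== null` test with a strict `!==` comparison on the same line; in PHP `$t_token_confirm_hash == null` is also true for `""`, `0` and `false`, which is harmless here since any of those should fail activation anyway, but `=== null` would state the intent exactly and match the strict operator next to it. The substantive change is `!=` to `!==`: under loose comparison a missing activation token (`token_get_value()` returning null) compares equal to an empty or otherwise loosely-equal submitted `confirm_hash`, so the old check let the request through, which is the authentication bypass the patch header attributes to CVE-2017-7615. With `!==`, null never equals a string, so the explicit null guard is defence in depth rather than required; a short comment in the hunk saying so would stop it from being "simplified" away later.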