head	1.3;
access;
symbols
	pkgsrc-2013Q2:1.3.0.28
	pkgsrc-2013Q2-base:1.3
	pkgsrc-2012Q4:1.3.0.26
	pkgsrc-2012Q4-base:1.3
	pkgsrc-2011Q4:1.3.0.24
	pkgsrc-2011Q4-base:1.3
	pkgsrc-2011Q2:1.3.0.22
	pkgsrc-2011Q2-base:1.3
	pkgsrc-2009Q4:1.3.0.20
	pkgsrc-2009Q4-base:1.3
	pkgsrc-2008Q4:1.3.0.18
	pkgsrc-2008Q4-base:1.3
	pkgsrc-2008Q3:1.3.0.16
	pkgsrc-2008Q3-base:1.3
	cube-native-xorg:1.3.0.14
	cube-native-xorg-base:1.3
	pkgsrc-2008Q2:1.3.0.12
	pkgsrc-2008Q2-base:1.3
	pkgsrc-2008Q1:1.3.0.10
	pkgsrc-2008Q1-base:1.3
	pkgsrc-2007Q4:1.3.0.8
	pkgsrc-2007Q4-base:1.3
	pkgsrc-2007Q3:1.3.0.6
	pkgsrc-2007Q3-base:1.3
	pkgsrc-2007Q2:1.3.0.4
	pkgsrc-2007Q2-base:1.3
	pkgsrc-2007Q1:1.3.0.2
	pkgsrc-2007Q1-base:1.3;
locks; strict;
comment	@# @;


1.3
date	2007.04.05.23.24.03;	author hira;	state dead;
branches;
next	1.2;

1.2
date	2007.04.02.01.25.49;	author hira;	state Exp;
branches;
next	1.1;

1.1
date	2007.04.01.23.51.00;	author hira;	state Exp;
branches;
next	;


desc
@@


1.3
log
@Update to 2.2.0.  OK'd by wiz@@ for update during freeze.

Release Notes:
  http://development.openoffice.org/releases/2.2.0.html

Changes:
- Fix CVE-2007-0002, CVE-2007-0238, CVE-2007-0239.
- field lengths of bibliography database changed.
- UTF-8 encoding for dBase databases.
- "Edit in SQL View..." command for database queries.
- forms: date and time fields do not default to "Today" and "Now" anymore.
- query/relation design: visual marker indicating the type of table/query.
- advanced database setting: "Use keyword AS before table alias names".
- Annoying focus behavior of OOo was fixed.
- scaling in spadmin page property page deleted.
- Additional options for pdf export.
- Desktop-Integration package for slackware.
- Show/Hide Slide menu entry split into two entries.
- Support for NetBSD, Linux 64 bit, Linux SPARC in TestTool Environment.
- New behavior of "Insert - Sheet From File".
- Import MS Excel files with PivotTables based on external data.
- Insert/Delete Note in cell context menu.
- some UNO Remote Protocol (URP) changes.
- Extension Dependency OpenOffice.org-minimal-version.
- Export COT, ACOT, COTH, and ACOTH to MS Excel files.
- System integration for extensions.
- Online Update for Extensions.
- Localization of UNO Dialogs.
- OOo no longer generates sensitive UUIDs.
- Autokerning enabled by default.
- CVS import dialog for unformatted clipboard text.
- Ordinal suffix in AutoFill.
- simple protocolhandler add-on support in uno-skeletonmaker.
- Autokerning enabled by default.
- Create Tango icon set for OO.o.
- Add localisation support to UNO dialogs and IDE Dialog Editor.
- extend add-on support in the uno-skeletonmaker.
- Upgrade icu to latest version.
- Implement an optional help section in the ObjectInspector.
- additional PDF export features
- makes localize.sdf files optional.
- Add/update Slovenian templates for 2.1.
- update of icons.
- changes for soffice script.
- implement shaped system windows.
- Updates of OOo <-> ATK bridge.
- #139464# use #REF! errors in formulas using cells from missing external linked sheets.
- Tooling fixes for CWS and MWS handling.
- Remove SISSL from module filter.
- make the 'automatic update check' more consistent.
- code only cws, adds infrastructure for vba interop project.
- Prepare framework code to support inplace active objects that are not UIactive.
- Some bugs, some very minor UNO runtime features.
- Changed context menu (insert/delete note) for Calc cells.
- new buildsystem features.
- Improve line height compatibility on UNX platforms while keeping the layout backwards compatible.
- Preparing installation of extensions in installation sets.
- osl[in|de]crementInterlockedCount(): don't use "lock" prefix on single processor, single core, non HT machines.
- Clean up obsolete files in binfilter.
- Bug fixes.
@
text
@$NetBSD: patch-cg,v 1.2 2007/04/02 01:25:49 hira Exp $

Security fixes for CVE-2007-0239. This has been fixed in OOo 2.2.

--- shell/source/unix/exec/shellexec.cxx.orig 2006-12-02 02:57:03.000000000 +0900 +++ shell/source/unix/exec/shellexec.cxx 2007-04-02 10:07:28.000000000 +0900 @@@@ -52,10 +52,6 @@@@ #include #endif -#ifndef _RTL_STRBUF_HXX_ -#include -#endif - #ifndef _RTL_USTRBUF_HXX_ #include #endif @@@@ -124,6 +120,20 @@@@ } } +void escapeForShell( rtl::OStringBuffer & rBuffer, const rtl::OString & rURL) +{ + sal_Int32 nmax = rURL.getLength(); + for(sal_Int32 n=0; n < nmax; ++n) + { + // escape every non alpha numeric characters (excluding a few "known good") by prepending a '\' + sal_Char c = rURL[n]; + if( ( c < 'A' || c > 'Z' ) && ( c < 'a' || c > 'z' ) && ( c < '0' || c > '9' ) && c != '/' && c != '.' ) + rBuffer.append( '\\' ); + + rBuffer.append( c ); + } +} + //----------------------------------------------------------------------------------------- // //----------------------------------------------------------------------------------------- @@@@ -208,7 +218,7 @@@@ OString aTmp = OUStringToOString(aProgram, osl_getThreadTextEncoding()); nIndex = aTmp.lastIndexOf('/'); if (nIndex > 0) - aBuffer.append(aTmp.copy(0, nIndex+1)); + escapeForShell(aBuffer, aTmp.copy(0, nIndex+1)); // Respect the desktop environment - if there is an executable named // -open-url, pass the url to this one instead @@@@ -236,21 +246,19 @@@@ aBuffer.append("open-url"); #endif - aBuffer.append(" \'"); - aBuffer.append(OUStringToOString(aURL, osl_getThreadTextEncoding())); - aBuffer.append("\'"); + aBuffer.append(" "); + escapeForShell(aBuffer, OUStringToOString(aURL, osl_getThreadTextEncoding())); if ( pDesktopLaunch && *pDesktopLaunch ) { aLaunchBuffer.append( pDesktopLaunch ); - aLaunchBuffer.append( " \'" ); - aLaunchBuffer.append(OUStringToOString(aURL, osl_getThreadTextEncoding())); - aLaunchBuffer.append( "\'" ); + aLaunchBuffer.append(" "); + escapeForShell(aLaunchBuffer, OUStringToOString(aURL, osl_getThreadTextEncoding())); } } else { - aBuffer.append(OUStringToOString(aCommand, 
osl_getThreadTextEncoding())); + escapeForShell(aBuffer, OUStringToOString(aCommand, osl_getThreadTextEncoding())); aBuffer.append(" "); - aBuffer.append(OUStringToOString(aParameter, osl_getThreadTextEncoding())); + escapeForShell(aBuffer, OUStringToOString(aParameter, osl_getThreadTextEncoding())); } // Prefer DESKTOP_LAUNCH when available
@


1.2
log
@Fix incorrect patches.
@
text
@d1 1
a1 1
$NetBSD$
@


1.1
log
@Fix the following four vulnerabilities.

CVE-2007-0002: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities
CVE-2007-0238: Manipulated StarCalc files can lead to arbitrary code execution
CVE-2007-0239: Security Vulnerability in StarOffice/StarSuite URL Handler
CVE-2007-1466: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities
               (split from CVE-2007-0002)

Fixes for CVE-2007-0238 and CVE-2007-0239 from OOo 2.2.
Fixes for CVE-2007-0002 and CVE-2007-1466 by external libwpd.

Bump PKGREVISION.
@
text
@d6 1
a6 13
+++ shell/source/unix/exec/shellexec.cxx 2007-01-19 22:06:10.000000000 +0900 @@@@ -4,9 +4,9 @@@@ * * $RCSfile: shellexec.cxx,v $ * - * $Revision: 1.15 $ + * $Revision: 1.15.30.1 $ * - * last change: $Author: obo $ $Date: 2006/09/17 01:41:54 $ + * last change: $Author: rt $ $Date: 2007/01/19 13:06:10 $ * * The Contents of this file are made available subject to * the terms of GNU Lesser General Public License Version 2.1.
@
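Review bot: the first hunk (@@ -52,10 +52,6 @@) deletes the include block guarded by `_RTL_STRBUF_HXX_`, which is the guard of the header that declares rtl::OStringBuffer, while the third hunk adds `escapeForShell( rtl::OStringBuffer & rBuffer, ...)` that depends on exactly that type. aBuffer was already being appended to as an OStringBuffer before this patch, so the type presumably arrives through some other header, but the remaining `_RTL_USTRBUF_HXX_` block only covers OUStringBuffer; either keep the include or say in the patch header where OStringBuffer now comes from. The removal is also unrelated to the CVE-2007-0239 fix and would be cleaner as a separate change.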
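Review bot: escapeForShell (@@ -124,6 +120,20 @@) is correct for a POSIX sh for every byte except newline, and the comment should say so: a backslash quotes the single character that follows it, but `\` followed by a newline is a line continuation that the shell deletes, so a newline inside rURL is silently removed instead of reaching the helper. If that is acceptable for a URL, document it; otherwise reject or strip newlines explicitly before building the command line. Two smaller points: the function has external linkage as written and a file-local helper like this should be `static` or live in an anonymous namespace; and the comment "escape every non alpha numeric characters" should read "character". The allow-list itself (A-Z, a-z, 0-9, '/' and '.') is conservative, and bytes above 0x7f fall into the escaped branch whichever signedness sal_Char has (negative on a signed char, above 'z' on an unsigned one), which sh tolerates.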
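Review bot: in the hunk at @@ -208,7 +218,7 @@ the unchanged guard `if (nIndex > 0)` skips the directory prefix when the program sits directly under `/`, because `aTmp.lastIndexOf('/')` is then 0; the intent of prefixing the helper with the program's own directory suggests `>= 0`. That is pre-existing, but since this hunk is already rewriting the line that appends the prefix (now through escapeForShell, which is the right thing for a path that may contain spaces or shell metacharacters), it is the moment to fix it or to note why the root case is intentionally excluded.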
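Review bot: the last hunk (@@ -236,21 +246,19 @@) replaces `aBuffer.append(" \'")` plus the raw URL plus `"\'"` with a space and `escapeForShell(...)`, which is the actual fix: wrapping aURL in single quotes stops protecting the moment the URL itself contains a `'`, whereas per-character escaping has no delimiter to break out of, and doing it for both aBuffer and aLaunchBuffer keeps the two launch paths consistent. One behaviour change to check in the else branch: aParameter is now escaped as a whole, so spaces inside it become `\ ` and the shell delivers it to aCommand as a single argument; any caller that passed several space-separated arguments in aParameter and relied on word splitting will now see one argument and needs to be adjusted.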