head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.10 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.8 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.6 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.4 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.2 pkgsrc-2009Q4-base:1.2 pkgsrc-2009Q1:1.1.0.10 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.8 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.6 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.4 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.2; locks; strict; comment @# @; 1.2 date 2009.05.26.14.19.29; author taca; state dead; branches; next 1.1; 1.1 date 2008.09.09.14.34.13; author taca; state Exp; branches 1.1.2.1 1.1.10.1; next ; 1.1.2.1 date 2008.09.09.14.34.13; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.09.10.10.30.49; author tron; state Exp; branches; next ; 1.1.10.1 date 2009.05.30.21.14.02; author tron; state dead; branches; next ; desc @@ 1.2 log @Update geeklog package from 1.4.1nb4 to 1.5.2.4 (1.5.2sr4). pkgsrc changes: overhaul this package. * Add LICENSE. * Clean up bmake's macros, such as addition of PRINT_PLIST_AWK. Geeklog changes: too many chagnes to write here. * New user-friendly installation. * New Configuration GUI. * New Webservice GUI. * And more. Please refer http://www.geeklog.net/docs/english/changes.html for more information. Fixed some security problems about SQL injection vulnerability. @ text @$NetBSD: patch-ai,v 1.1 2008/09/09 14:34:13 taca Exp $ Security fix for FCKeditor uploading files. --- public_html/fckeditor/editor/filemanager/upload/php/upload.php.orig 2006-06-18 06:25:36.000000000 +0900 +++ public_html/fckeditor/editor/filemanager/upload/php/upload.php @@@@ -18,6 +18,10 @@@@ * Frederico Caldeira Knabben (fredck@@fckeditor.net) */ +if (strpos($_SERVER['PHP_SELF'], 'upload.php') !== false) { + die('This file can not be used on its own!'); +} + require('config.php') ; require('util.php') ; @ 1.1 log @Add security fix of FCKeditor. http://www.geeklog.net/article.php/file-uploads Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.10.1 log @Pullup ticket #2782 - requested by taca geeklog: security update Revisions pulled up: - www/geeklog/DEINSTALL 1.5 - www/geeklog/INSTALL 1.4 - www/geeklog/Makefile 1.22 - www/geeklog/Makefile.common 1.7 - www/geeklog/PLIST 1.8 - www/geeklog/distinfo 1.9 - www/geeklog/files/README 1.4 - www/geeklog/files/createdb.php delete - www/geeklog/files/geeklog.conf 1.2 - www/geeklog/patches/patch-aa 1.3 - www/geeklog/patches/patch-ab delete - www/geeklog/patches/patch-ac delete - www/geeklog/patches/patch-ag delete - www/geeklog/patches/patch-ah delete - www/geeklog/patches/patch-ai delete - www/geeklog/patches/patch-aj 1.1 --- Module Name: pkgsrc Committed By: taca Date: Tue May 26 14:19:29 UTC 2009 Modified Files: pkgsrc/www/geeklog: DEINSTALL INSTALL Makefile Makefile.common PLIST distinfo pkgsrc/www/geeklog/files: README geeklog.conf pkgsrc/www/geeklog/patches: patch-aa Added Files: pkgsrc/www/geeklog/patches: patch-aj Removed Files: pkgsrc/www/geeklog/files: createdb.php pkgsrc/www/geeklog/patches: patch-ab patch-ac patch-ag patch-ah patch-ai Log Message: Update geeklog package from 1.4.1nb4 to 1.5.2.4 (1.5.2sr4). pkgsrc changes: overhaul this package. * Add LICENSE. * Clean up bmake's macros, such as addition of PRINT_PLIST_AWK. Geeklog changes: too many chagnes to write here. * New user-friendly installation. * New Configuration GUI. * New Webservice GUI. * And more. Please refer http://www.geeklog.net/docs/english/changes.html for more information. Fixed some security problems about SQL injection vulnerability. @ text @d1 1 a1 1 $NetBSD: patch-ai,v 1.1 2008/09/09 14:34:13 taca Exp $ @ 1.1.2.1 log @file patch-ai was added on branch pkgsrc-2008Q2 on 2008-09-10 10:30:49 +0000 @ text @d1 17 @ 1.1.2.2 log @Pullup ticket #2522 - requested by taca geeklog: security patch Revisions pulled up: - www/geeklog/Makefile 1.20 - www/geeklog/distinfo 1.8 - www/geeklog/patches/patch-ai 1.1 --- Module Name: pkgsrc Committed By: taca Date: Tue Sep 9 14:34:13 UTC 2008 Modified Files: pkgsrc/www/geeklog: Makefile distinfo Added Files: pkgsrc/www/geeklog/patches: patch-ai Log Message: Add security fix of FCKeditor. http://www.geeklog.net/article.php/file-uploads Bump PKGREVISION. @ text @a0 17 $NetBSD: patch-ai,v 1.1 2008/09/09 14:34:13 taca Exp $ Security fix for FCKeditor uploading files. --- public_html/fckeditor/editor/filemanager/upload/php/upload.php.orig 2006-06-18 06:25:36.000000000 +0900 +++ public_html/fckeditor/editor/filemanager/upload/php/upload.php @@@@ -18,6 +18,10 @@@@ * Frederico Caldeira Knabben (fredck@@fckeditor.net) */ +if (strpos($_SERVER['PHP_SELF'], 'upload.php') !== false) { + die('This file can not be used on its own!'); +} + require('config.php') ; require('util.php') ; @