head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.32 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.30 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.28 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.26 pkgsrc-2011Q2-base:1.4 pkgsrc-2009Q4:1.4.0.24 pkgsrc-2009Q4-base:1.4 pkgsrc-2008Q4:1.4.0.22 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.20 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.18 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.16 pkgsrc-2008Q2-base:1.4 pkgsrc-2008Q1:1.4.0.14 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.4.0.12 pkgsrc-2007Q4-base:1.4 pkgsrc-2007Q3:1.4.0.10 pkgsrc-2007Q3-base:1.4 pkgsrc-2007Q2:1.4.0.8 pkgsrc-2007Q2-base:1.4 pkgsrc-2007Q1:1.4.0.6 pkgsrc-2007Q1-base:1.4 pkgsrc-2006Q4:1.4.0.4 pkgsrc-2006Q4-base:1.4 pkgsrc-2006Q3:1.4.0.2 pkgsrc-2006Q3-base:1.4 pkgsrc-2006Q2:1.3.0.2 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.2.0.20 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.18 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.16 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.14 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.12 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.10 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.8 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.6 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.2.0.4 pkgsrc-2004Q1-base:1.2 pkgsrc-2003Q4:1.2.0.2 pkgsrc-2003Q4-base:1.2 buildlink2-base:1.2 netbsd-1-5-PATCH001:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.4 date 2006.07.13.20.41.51; author adrianp; state dead; branches 1.4.14.1; next 1.3; 1.3 date 2006.06.16.09.23.21; author adrianp; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2002.02.01.22.41.17; author bouyer; state dead; branches; next 1.1; 1.1 date 2001.02.12.15.26.05; author jlam; state Exp; branches 1.1.1.1; next ; 1.4.14.1 date 2008.06.26.19.44.35; author tron; state Exp; branches; next ; 1.3.2.1 date 2006.07.23.14.46.05; author salo; state dead; branches; next ; 1.1.1.1 date 2001.02.12.15.26.05; author jlam; state Exp; branches; next ; desc @@ 1.4 log @Update to 3.1.2 Major changes compared to Horde 3.1.1 are: * Security Fixes - Closed XSS problems in dereferrer (IE only), help viewer and problem reporting screen. - Removed unused image proxy code from dereferrer. * Bugfixes and improvements - Added configuration option to disable GET-based sessions. - Added Oracle and generic SQL upgrade scripts. - Improved default charset support. - Improved API and RPC interface. - Fixed the preference cache. The full list of changes (from version 3.1.1) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.231&r2=1.515.2.252&ty=h @ text @$NetBSD: patch-ab,v 1.3 2006/06/16 09:23:21 adrianp Exp $ --- test.php.orig 2006-06-14 09:30:57.000000000 +0100 +++ test.php @@@@ -250,12 +250,12 @@@@ if (!empty($_GET['mode'])) { exit; case 'phpinfo': - echo '<< Back to test.php'; + echo '<< Back to test.php'; phpinfo(); exit; case 'filetest': - echo '<< Back to test.php'; + echo '<< Back to test.php'; ?> @ 1.4.14.1 log @Pullup ticket #2435 - requested by adrianp Security patch for horde Manually add backport of the following fix: - http://lists.horde.org/archives/announce/2008/000415.html @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 13 --- services/obrowser/index.php.orig 2007-01-02 13:55:16.000000000 +0000 +++ services/obrowser/index.php @@@@ -90,10 +90,10 @@@@ foreach ($list as $path => $values) { if (!empty($values['browseable'])) { $url = Horde::applicationUrl('services/obrowser/'); $url = Util::addParameter($url, 'path', $path); - $row['name'] = Horde::link($url) . $values['name'] . ''; + $row['name'] = Horde::link($url) . htmlspecialchars($values['name']) . ''; } else { $js = "return chooseObject('" . addslashes($path) . "');"; - $row['name'] = Horde::link('#', sprintf(_("Choose %s"), $values['name']), '', '', $js) . $values['name'] . ''; + $row['name'] = Horde::link('#', sprintf(_("Choose %s"), $values['name']), '', '', $js) . htmlspecialchars($values['name']) . ''; } d8 12 a19 1 $rows[] = $row; @ 1.3 log @Bump to 3.1.1nb2 to address recent XSS issue (patches from Horde CVS) @ text @d1 1 a1 1 $NetBSD$ @ 1.3.2.1 log @Pullup ticket 1747 - requested by adrianp security update for horde Revisions pulled up: - pkgsrc/www/horde/Makefile 1.46 - pkgsrc/www/horde/PLIST 1.12 - pkgsrc/www/horde/distinfo 1.15 - pkgsrc/www/horde/patches/patch-ab removed - pkgsrc/www/horde/patches/patch-ac removed Module Name: pkgsrc Committed By: adrianp Date: Thu Jul 13 20:41:52 UTC 2006 Modified Files: pkgsrc/www/horde: PLIST distinfo Removed Files: pkgsrc/www/horde/patches: patch-ab patch-ac Log Message: Update to 3.1.2 Major changes compared to Horde 3.1.1 are: * Security Fixes - Closed XSS problems in dereferrer (IE only), help viewer and problem reporting screen. - Removed unused image proxy code from dereferrer. * Bugfixes and improvements - Added configuration option to disable GET-based sessions. - Added Oracle and generic SQL upgrade scripts. - Improved default charset support. - Improved API and RPC interface. - Fixed the preference cache. The full list of changes (from version 3.1.1) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.231&r2=1.515.2.252&ty=h --- Module Name: pkgsrc Committed By: adrianp Date: Thu Jul 13 20:42:21 UTC 2006 Modified Files: pkgsrc/www/horde: Makefile Log Message: Update Makefile missed in 3.1.2 update @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.3 2006/06/16 09:23:21 adrianp Exp $ @ 1.2 log @Update to horde 2.0, as 1.2.7 doesn't work with the new php. "has been released. The 2.0 release is a massive upgrade of the Horde Application Framework. Many components have been added or streamlined. Inter-application support is much more robust, a generic MIME_Viewer framework is included, a new preferences system supports global or application scope for preferences, and more!" @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.1 2001/02/12 15:26:05 jlam Exp $ d3 17 a19 11 --- scripts/database/dbpasswd.sh.orig Fri Sep 29 15:13:55 2000 +++ scripts/database/dbpasswd.sh @@@@ -17,7 +17,7 @@@@ # Determine OS and its techniques. # case "`uname -s`" in -Linux|FreeBSD|OpenBSD) +Linux|FreeBSD|NetBSD|OpenBSD) N="-n"; C="" ;; *) @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ @ 1.1.1.1 log @Horde PHP application framework @ text @@