diff options
-rw-r--r-- | dev-php/smarty/ChangeLog | 6 | ||||
-rw-r--r-- | dev-php/smarty/files/smarty-2.6.20-CVE-2008-4810.patch | 30 | ||||
-rw-r--r-- | dev-php/smarty/smarty-2.6.20-r1.ebuild | 49 |
3 files changed, 5 insertions, 80 deletions
diff --git a/dev-php/smarty/ChangeLog b/dev-php/smarty/ChangeLog index 1c206999b311..ba110c02b474 100644 --- a/dev-php/smarty/ChangeLog +++ b/dev-php/smarty/ChangeLog @@ -1,6 +1,10 @@ # ChangeLog for dev-php/smarty # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-php/smarty/ChangeLog,v 1.93 2009/02/06 03:27:33 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-php/smarty/ChangeLog,v 1.94 2009/02/16 18:50:46 dertobi123 Exp $ + + 16 Feb 2009; Tobias Scherbaum <dertobi123@gentoo.org> + -files/smarty-2.6.20-CVE-2008-4810.patch, -smarty-2.6.20-r1.ebuild: + Cleanup 06 Feb 2009; Jeroen Roovers <jer@gentoo.org> smarty-2.6.21.ebuild: Stable for HPPA (bug #254415). diff --git a/dev-php/smarty/files/smarty-2.6.20-CVE-2008-4810.patch b/dev-php/smarty/files/smarty-2.6.20-CVE-2008-4810.patch deleted file mode 100644 index c453ec7e34e7..000000000000 --- a/dev-php/smarty/files/smarty-2.6.20-CVE-2008-4810.patch +++ /dev/null @@ -1,30 +0,0 @@ ------------------------------------------------------------------------- -r2784 | Uwe.Tews | 2008-09-18 23:03:32 +0200 (Thu, 18 Sep 2008) | 1 line - - - fix function injection security hole closed (U.Tews) ------------------------------------------------------------------------- -r2796 | monte.ohrt | 2008-09-22 17:29:16 +0200 (Mon, 22 Sep 2008) | 3 lines - -revert patch for secuity hole, update site url - - ------------------------------------------------------------------------- -r2797 | monte.ohrt | 2008-09-22 21:26:32 +0200 (Mon, 22 Sep 2008) | 3 lines - -patch for security, php executed in templates - - ------------------------------------------------------------------------- -Index: Smarty_Compiler.class.php -=================================================================== ---- Smarty-2.6.20.orig/libs/Smarty_Compiler.class.php (revision 2781) -+++ Smarty-2.6.20/libs/Smarty_Compiler.class.php (revision 2797) -@@ -1705,6 +1705,8 @@ - } - // replace double quoted literal string with single quotes - $_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return); -+ // escape dollar sign if not printing a var -+ $_return = preg_replace('~\$(\W)~',"\\\\\$\\1",$_return); - return $_return; - } - diff --git a/dev-php/smarty/smarty-2.6.20-r1.ebuild b/dev-php/smarty/smarty-2.6.20-r1.ebuild deleted file mode 100644 index af75d4fabcd9..000000000000 --- a/dev-php/smarty/smarty-2.6.20-r1.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-php/smarty/smarty-2.6.20-r1.ebuild,v 1.5 2008/11/29 17:40:02 jer Exp $ - -inherit php-lib-r1 eutils - -KEYWORDS="alpha amd64 hppa ppc ~ppc64 sparc x86" - -MY_P="Smarty-${PV}" - -DESCRIPTION="A template engine for PHP." -HOMEPAGE="http://www.smarty.net/" -SRC_URI="http://www.smarty.net/distributions/${MY_P}.tar.gz" -LICENSE="LGPL-2.1" -SLOT="0" -IUSE="doc" - -DEPEND="" -RDEPEND="" -PDEPEND="doc? ( dev-php/smarty-docs )" - -S="${WORKDIR}/${MY_P}" - -need_php_by_category - -src_unpack() { - unpack ${A} - cd "${S}" - - epatch "${FILESDIR}/${P}-CVE-2008-4810.patch" -} - -src_install() { - dodoc-php BUGS ChangeLog FAQ NEWS QUICK_START README RELEASE_NOTES TODO - - php-lib-r1_src_install ./libs `find ./libs -type f -print | sed -e "s|./libs||g"` -} - -pkg_postinst() { - elog "${PHP_LIB_NAME} has been installed in /usr/share/php/${PHP_LIB_NAME}/." - elog "To use it in your scripts, either" - elog "1. define('SMARTY_DIR', \"/usr/share/php/${PHP_LIB_NAME}/\") in your scripts, or" - elog "2. add '/usr/share/php/${PHP_LIB_NAME}/' to the 'include_path' variable in your" - elog "php.ini file under /etc/php/SAPI (where SAPI is one of apache2-php5," - elog "cgi-php5 or cli-php5)." - elog - elog "If you're upgrading from a previous version make sure to clear out your" - elog "templates_c and cache directories as some include paths have changed!" -} |