Added sql_injection_template_export patch, fixes security bug #317615, thank Marcin Mirosław for report.

Package-Manager: portage-2.2_rc67/cvs/Linux x86_64

3 files changed, 100 insertions, 2 deletions

diff --git a/net-analyzer/cacti/ChangeLog b/net-analyzer/cacti/ChangeLog
index 833354b33a80..2d9bcef18ed9 100644
--- a/net-analyzer/cacti/ChangeLog
+++ b/net-analyzer/cacti/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-analyzer/cacti
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/cacti/ChangeLog,v 1.164 2010/04/14 20:41:50 gengor Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/cacti/ChangeLog,v 1.165 2010/05/18 13:09:09 pva Exp $
+
+*cacti-0.8.7e-r2 (18 May 2010)
+
+  18 May 2010; Peter Volkov <pva@gentoo.org> +cacti-0.8.7e-r2.ebuild:
+  Added sql_injection_template_export patch, fixes security bug #317615,
+  thank Marcin Mirosław for report.
 
   14 Apr 2010; Gordon Malm <gengor@gentoo.org> cacti-0.8.7e-r1.ebuild:
   Fix RDEPEND for bug #304583.
diff --git a/net-analyzer/cacti/Manifest b/net-analyzer/cacti/Manifest
index 69916eb67921..a0ee7af5cd07 100644
--- a/net-analyzer/cacti/Manifest
+++ b/net-analyzer/cacti/Manifest
@@ -4,7 +4,9 @@ DIST cli_add_graph.patch 556 RMD160 21f5ddca4bc22ed7208d468c07c2feba0873e2b2 SHA
 DIST cross_site_fix.patch 8705 RMD160 96b72fcc2e17fb0ecd622f4fb627a5ff67f94be2 SHA1 3cf067a88b0c2d4348c88d37c98312760d1f1efe SHA256 75b7d4687722d96e0d32afb3832f93a54e8518c0c949e1dcd9ae634623564b28
 DIST fix_icmp_on_windows_iis_servers.patch 2997 RMD160 176a28cff430e79433dee4b54aac736548a6cda2 SHA1 466936d06e7a7e4d882b2375ae0cac9dc6434ab1 SHA256 5dd61a9accd5a2872d8efa03bb6b7e49c735568094286a1664f2ae4491ecdeeb
 DIST snmp_invalid_response.patch 921 RMD160 02d1f7fc63473fefbfee9a2edc020f5ec960d103 SHA1 8308f02d69ac3fb1a2ced5ad66c6c5c2078fc75f SHA256 4259979a2d9fdc51a6ef3a88368fe97adace3a7f1c3b895dea61757de9822db8
+DIST sql_injection_template_export.patch 636 RMD160 b62eb338359ea666aa72b5cff4a84d47ec88223e SHA1 d64c9173d1a66ef4b47487ee089050a664f58f97 SHA256 cdcec3946e81edde690b34627c52620bb702de0a3a823bcb571f421b093effed
 DIST template_duplication.patch 9190 RMD160 ba1d35cc207484b17c30044bb9f025ed6281c37b SHA1 27f3ee2eb37bd3c9430933cf00a30e63b2b05829 SHA256 c6ab6d2396f6b6519607f7908df642a575d32a75430e2b74381a6046d57f8ad9
 EBUILD cacti-0.8.7e-r1.ebuild 2083 RMD160 2386b1a6a85ef238a67f52f662c5adca707ec086 SHA1 131f9e080dc47e71f4fb4bf1973a0abcc1457c42 SHA256 263eefc992569fdbdfeb043eb1a58b00032d073f29fbf87634879e8211a670de
-MISC ChangeLog 23643 RMD160 d8e8537843cd1c55c50b3cbbb94f7c3331e1db17 SHA1 c5ccd36500fb54b9c9d4399e39f2c92a81c576b0 SHA256 ad40d5aa077e2465d90b1c3d47479b2ca05a86d8b4c9b4933122d1b841819242
+EBUILD cacti-0.8.7e-r2.ebuild 2118 RMD160 e05d97579f4f1a19838316a5cf43d118d026a539 SHA1 303c8e53b82b55c3497ae51301a3a69bbc484d5e SHA256 0b113cef047ff04dbc88685085b452e758e52113fc2d9e4d8b0974fe2fadd62d
+MISC ChangeLog 23853 RMD160 854ee8bd3922fc29a909f0f509039c3cc1fb1f78 SHA1 85b0fcc97a177e8e7d820a17c40521ff02b92731 SHA256 4b0abad17f3b3c459e734603d325317df475ff9dd094d0de4157c855ce877b26
 MISC metadata.xml 803 RMD160 b497804bac33062b7f13330acef0ef28bea19f65 SHA1 031e32c4f5ffe0fc67943674530e880d02f5f2a0 SHA256 db81b920eb3683d9e4fc323bb2399156dfc4a8a0f5d4874505e0c1891dd17819
diff --git a/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild b/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild
new file mode 100644
index 000000000000..42a185359ed8
--- /dev/null
+++ b/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild
@@ -0,0 +1,90 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild,v 1.1 2010/05/18 13:09:09 pva Exp $
+
+inherit eutils webapp depend.php
+
+# Support for _p* in version.
+MY_P=${P/_p*/}
+HAS_PATCHES=1
+
+DESCRIPTION="Cacti is a complete frontend to rrdtool"
+HOMEPAGE="http://www.cacti.net/"
+SRC_URI="http://www.cacti.net/downloads/${MY_P}.tar.gz"
+
+# patches
+if [ "${HAS_PATCHES}" == "1" ] ; then
+	UPSTREAM_PATCHES="cli_add_graph
+		snmp_invalid_response
+		template_duplication
+		fix_icmp_on_windows_iis_servers
+		cross_site_fix
+		sql_injection_template_export"
+	for i in ${UPSTREAM_PATCHES} ; do
+		SRC_URI="${SRC_URI} http://www.cacti.net/downloads/patches/${PV/_p*}/${i}.patch"
+	done
+fi
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="snmp doc"
+
+DEPEND=""
+
+need_php_cli
+need_httpd_cgi
+need_php_httpd
+
+RDEPEND="snmp? ( >=net-analyzer/net-snmp-5.1.2 )
+	<net-analyzer/rrdtool-1.4
+	dev-php/adodb
+	virtual/mysql
+	virtual/cron"
+
+src_unpack() {
+	if [ "${HAS_PATCHES}" == "1" ] ; then
+		unpack ${MY_P}.tar.gz
+		[ ! ${MY_P} == ${P} ] && mv ${MY_P} ${P}
+		# patches
+		for i in ${UPSTREAM_PATCHES} ; do
+			EPATCH_OPTS="-p1 -d ${S} -N" epatch "${DISTDIR}"/${i}.patch
+		done ;
+	else
+		unpack ${MY_P}.tar.gz
+	fi
+
+	sed -i -e \
+		's:$config\["library_path"\] . "/adodb/adodb.inc.php":"adodb/adodb.inc.php":' \
+		"${S}"/include/global.php
+
+	rm -rf lib/adodb # don't use bundled adodb
+}
+
+pkg_setup() {
+	webapp_pkg_setup
+	has_php
+	require_php_with_use cli mysql xml session pcre sockets
+}
+
+src_compile() { :; }
+
+src_install() {
+	webapp_src_preinst
+
+	rm LICENSE README
+	dodoc docs/{CHANGELOG,CONTRIB,README,txt/manual.txt} || die
+	use doc && dohtml -r docs/html/
+	rm -rf docs
+
+	edos2unix `find -type f -name '*.php'`
+
+	dodir ${MY_HTDOCSDIR}
+	cp -r . "${D}"${MY_HTDOCSDIR}
+
+	webapp_serverowned ${MY_HTDOCSDIR}/rra
+	webapp_serverowned ${MY_HTDOCSDIR}/log/cacti.log
+	webapp_configfile ${MY_HTDOCSDIR}/include/config.php
+	webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
+
+	webapp_src_install
+}