authorPeter Volkov <pva@gentoo.org>2011-10-08 15:51:49 +0000
committerPeter Volkov <pva@gentoo.org>2011-10-08 15:51:49 +0000
commit356b85bb06f7c44a8058a73e44996cd0299e10e3 (patch)
treecdb3495cf4dc5f4e9fc87d69a70f22ba2bb93073 /www-apps
parentVersion bump, update VCS ebuild, thank Nikoli for this job. (diff)
Drop vulnerable version, bug #386153, thank GLSAMaker/CVETool Bot for report.
Package-Manager: portage-2.1.10.20/cvs/Linux x86_64
Diffstat (limited to 'www-apps')
-rw-r--r--www-apps/mantisbt/ChangeLog6
-rw-r--r--www-apps/mantisbt/Manifest13
-rw-r--r--www-apps/mantisbt/files/mantisbt-1.2.7-file-inclusion.patch134
-rw-r--r--www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild51
4 files changed, 10 insertions, 194 deletions
diff --git a/www-apps/mantisbt/ChangeLog b/www-apps/mantisbt/ChangeLog
index f0cb0e6f812b..f439fed65f81 100644
--- a/www-apps/mantisbt/ChangeLog
+++ b/www-apps/mantisbt/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for www-apps/mantisbt
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.113 2011/09/12 21:05:59 maekke Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.114 2011/10/08 15:51:49 pva Exp $
+
+ 08 Oct 2011; Peter Volkov <pva@gentoo.org> -mantisbt-1.2.7-r1.ebuild,
+ -files/mantisbt-1.2.7-file-inclusion.patch:
+ Drop vulnerable version, bug #386153, thank GLSAMaker/CVETool Bot for report.
12 Sep 2011; Markus Meier <maekke@gentoo.org> mantisbt-1.2.8.ebuild:
amd64/x86 stable, bug #381785
diff --git a/www-apps/mantisbt/Manifest b/www-apps/mantisbt/Manifest
index 03664c165dda..12f2007c601d 100644
--- a/www-apps/mantisbt/Manifest
+++ b/www-apps/mantisbt/Manifest
@@ -1,18 +1,15 @@
-----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: SHA256
-AUX mantisbt-1.2.7-file-inclusion.patch 5835 RMD160 f6e692b294977201fdab93d93a78a608526bb5f9 SHA1 2cf123e20a277a55d76f2118347affbd3ad139b4 SHA256 4c8db1efb5f6ab4bd465ac4b85c19e741d64c28b55160818c5870f9d5f64ce86
AUX postinstall-en-1.0.0.txt 640 RMD160 1e0a077db936ab8c2a6bf06c9091d4b5194b0b9c SHA1 1fb4a3c4e32b7ddca4b37017e8c8101d8d0c83c7 SHA256 af60f6f6be915164f420f5e9ae04fa18d8bf85e73a9a59668ba4a6b7ba41900d
-DIST mantisbt-1.2.7.tar.gz 3366560 RMD160 99fc5e1eb278da5372356d7d1f7e615962fcf1a5 SHA1 1e8d324e30b06ebd341bc2e7f5faa1dfd9a0c74f SHA256 ea6cf74c079144fbb9b3b1fdcdcc082177cd42efdada1ee64faa15911b209304
DIST mantisbt-1.2.8.tar.gz 3368632 RMD160 4c4b7abcad3465f8dca63cf50063a4ad1c80b39d SHA1 6cff6fd7d709e25c620c9717d6bf079ce52b73c5 SHA256 6b06dbb0e47135f6ffe05ae2e4bc66e51e3961558cf361629bd0caba0f759b11
-EBUILD mantisbt-1.2.7-r1.ebuild 1455 RMD160 a452f845328bcb3eadcfcf6c9e7d72f5c00bfe20 SHA1 5532a4206aa2f39bd17ae1ce072a4cfd68925cd0 SHA256 3ae190d0037ac00d0f85caed96cc9780a1faea9b210c6e66987bcc1d431c0ace
EBUILD mantisbt-1.2.8.ebuild 1381 RMD160 8ff1da73a42f7b8903928a60c36fc64b5a713979 SHA1 9dbc67c3c24cfde10c5e22c9ecb73344de13ed9d SHA256 51f8f7b849f84b78f1778f5d31106fc08616c2f4562dc63a7dee239f1ce775ac
-MISC ChangeLog 17569 RMD160 8682cb03a39fbe915ab8e58edb9641b1e6806283 SHA1 0e62d69107f18a49fc87a8ad2e96776899376c72 SHA256 8f1959b2b44f280af441d67efe6566c1c754666adc331903d5e6479e7732aa32
+MISC ChangeLog 17765 RMD160 b133eb312d336d56bb7fe32c81077db0e8de62e5 SHA1 4db39ffdff99f8d2a9acdb6e253ee47c5ebaf45d SHA256 f32482d2f37098364bac3a05bc7ea066c14c33be9a42622e7b703bbd4e2d90ca
MISC metadata.xml 351 RMD160 05c79dbc5fce5043732f798e2b4b7749465ab1da SHA1 99337d7682d937de71f97a441e8dbd36a36229a7 SHA256 b840e4c4263c7f2502b4f7316adbec8c4fc10f58c96a5f140e304806525b0ab0
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
-iEYEARECAAYFAk5udHEACgkQkKaRLQcq0GKS9wCfUhhRaOzU0DAMaduokcrUFJS7
-Ob4AoIEiO2eUU3UClJjOpwG6sLkgxM0L
-=rYOF
+iF4EAREIAAYFAk6QcSsACgkQGrk+8vGYmwfjnQD/ax6LwoMzR3F9LQYgnLzg1XWg
+iCYo9Xyf/XkhSMq4018A/jek0uArsUx0LxjOJ8dgB6te5J28u5k1TldN+Y3Ig6Jv
+=d5nG
-----END PGP SIGNATURE-----
diff --git a/www-apps/mantisbt/files/mantisbt-1.2.7-file-inclusion.patch b/www-apps/mantisbt/files/mantisbt-1.2.7-file-inclusion.patch
deleted file mode 100644
index 320e6b748aff..000000000000
--- a/www-apps/mantisbt/files/mantisbt-1.2.7-file-inclusion.patch
+++ /dev/null
@@ -1,134 +0,0 @@
-commit a7eacc181185eff1dd7bd8ceaa34a91cf86cc298
-Author: David Hicks <d@hx.id.au>
-Date: Thu Sep 1 19:36:31 2011 +1000
-
- Fix #13282, #13283: bug_actiongroup_ext_page.php LFI and XSS
-
- High-Tech Bridge SA Security Research Lab reported 2 issues with the
- 'action' parameter to bug_actiongroup_ext_page.php
-
- Issue #13282
-
- XSS issue with require_once() call failures returning an unescaped
- user-supplied filename. There has been a fair amount of recent public
- talk about PHP error messages being a source of XSS issues. This is an
- example.
-
- Issue #12283
-
- Local file inclusion/path traversal vulnerability on web servers that
- allow translations like:
- http://example.com/directory/file.htm/../file2.htm ==>
- http://example.com/directory/file2.htm
-
- Vulnerable (default configuration): Apache
- Not vulnerable (default configuration): nginx
-
- This issue has _SEVERE_ consequences for people using web servers which
- don't check each segment of a path from top to bottom for validity. It
- shouldn't be possible to include the contents of config_inc.php to
- retrieve MantisBT database passwords because
- require_once('config_inc.php') will parse the document as a PHP script
- (echoing nothing). However it may allow attackers to view private files
- accessible to the web server user account. It also allows an attacker to
- guess the file structure of a server (existence of installed software,
- user accounts, etc).
-
- nginx will produce a 404 error when it determines that file.htm is not a
- directory. This makes too much sense, doesn't it?
-
-diff --git a/bug_actiongroup_ext_page.php b/bug_actiongroup_ext_page.php
-index 2a599d3..0a0ab91 100644
---- a/bug_actiongroup_ext_page.php
-+++ b/bug_actiongroup_ext_page.php
-@@ -40,12 +40,18 @@
- # redirect to view issues page if action doesn't have ext_* prefix.
- # This should only occur if this page is called directly.
- $t_external_action_prefix = 'EXT_';
-- if ( strpos( $f_action, $t_external_action_prefix ) !== 0 ) {
-+ $t_matches = array();
-+ preg_match( '/^EXT_(\w+)$/', $f_action, $t_matches );
-+ if ( count( $t_matches ) !== 2 ) {
- print_header_redirect( 'view_all_bug_page.php' );
-- }
-+ exit;
-+ }
-+ $t_external_action = $t_matches[1];
-+ $t_include_file = 'bug_actiongroup_' . $t_external_action . '_inc.php';
-+ if ( !file_exists( $t_include_file ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-
-- $t_external_action = utf8_strtolower( utf8_substr( $f_action, utf8_strlen( $t_external_action_prefix ) ) );
-- $t_form_fields_page = 'bug_actiongroup_' . $t_external_action . '_inc.php';
- $t_form_name = 'bug_actiongroup_' . $t_external_action;
-
- bug_group_action_print_top();
-diff --git a/core/bug_group_action_api.php b/core/bug_group_action_api.php
-index bd80ea6..30e71ed 100644
---- a/core/bug_group_action_api.php
-+++ b/core/bug_group_action_api.php
-@@ -94,7 +94,14 @@ function bug_group_action_print_hidden_fields( $p_bug_ids_array ) {
- * @param $p_action The custom action name without the "EXT_" prefix.
- */
- function bug_group_action_print_action_fields( $p_action ) {
-- require_once( dirname( dirname( __FILE__ ) ) . DIRECTORY_SEPARATOR . 'bug_actiongroup_' . $p_action . '_inc.php' );
-+ if ( !preg_match( '/^\w+$/', $p_action ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ $t_include_file = 'bug_actiongroup_' . $p_action . '_inc.php';
-+ if ( !file_exists( $t_include_file ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ require_once( $t_include_file );
- $t_function_name = 'action_' . $p_action . '_print_fields';
- $t_function_name();
- }
-@@ -106,7 +113,14 @@ function bug_group_action_print_action_fields( $p_action ) {
- * @param $p_action The custom action name without the "EXT_" prefix.
- */
- function bug_group_action_print_title( $p_action ) {
-- require_once( dirname( dirname( __FILE__ ) ) . DIRECTORY_SEPARATOR . 'bug_actiongroup_' . $p_action . '_inc.php' );
-+ if ( !preg_match( '/^\w+$/', $p_action ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ $t_include_file = 'bug_actiongroup_' . $p_action . '_inc.php';
-+ if ( !file_exists( $t_include_file ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ require_once( $t_include_file );
- $t_function_name = 'action_' . $p_action . '_print_title';
- $t_function_name();
- }
-@@ -121,7 +135,14 @@ function bug_group_action_print_title( $p_action ) {
- * @returns true|array true if action can be applied or array of ( bug_id => reason for failure to validate )
- */
- function bug_group_action_validate( $p_action, $p_bug_id ) {
-- require_once( dirname( dirname( __FILE__ ) ) . DIRECTORY_SEPARATOR . 'bug_actiongroup_' . $p_action . '_inc.php' );
-+ if ( !preg_match( '/^\w+$/', $p_action ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ $t_include_file = 'bug_actiongroup_' . $p_action . '_inc.php';
-+ if ( !file_exists( $t_include_file ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ require_once( $t_include_file );
- $t_function_name = 'action_' . $p_action . '_validate';
- return $t_function_name( $p_bug_id );
- }
-@@ -136,7 +157,14 @@ function bug_group_action_validate( $p_action, $p_bug_id ) {
- * @returns true|array Action can be applied., ( bug_id => reason for failure to process )
- */
- function bug_group_action_process( $p_action, $p_bug_id ) {
-- require_once( dirname( dirname( __FILE__ ) ) . DIRECTORY_SEPARATOR . 'bug_actiongroup_' . $p_action . '_inc.php' );
-+ if ( !preg_match( '/^\w+$/', $p_action ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ $t_include_file = 'bug_actiongroup_' . $p_action . '_inc.php';
-+ if ( !file_exists( $t_include_file ) ) {
-+ trigger_error( ERROR_GENERIC, ERROR );
-+ }
-+ require_once( $t_include_file );
- $t_function_name = 'action_' . $p_action . '_process';
- return $t_function_name( $p_bug_id );
- }
diff --git a/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild b/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild
deleted file mode 100644
index aaa3f96012aa..000000000000
--- a/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.2.7-r1.ebuild,v 1.3 2011/09/04 00:55:38 phajdan.jr Exp $
-
-EAPI="2"
-
-inherit eutils webapp depend.php
-
-DESCRIPTION="PHP/MySQL/Web based bugtracking system"
-HOMEPAGE="http://www.mantisbt.org/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
-
-LICENSE="GPL-2"
-KEYWORDS="amd64 x86"
-IUSE=""
-
-RDEPEND="
- virtual/httpd-php
- virtual/httpd-cgi
- || ( <dev-lang/php-5.3[pcre] >=dev-lang/php-5.3 )
- >=dev-php5/ezc-Base-1.8
- >=dev-php5/ezc-Graph-1.5
- >=dev-php/adodb-5.10"
-
-src_prepare() {
- epatch "${FILESDIR}/mantisbt-1.2.7-file-inclusion.patch" #381417
-
- # Drop external libraries
- rm -r "${S}/library/adodb/"
- rm -r "${S}/library/ezc/"{Base,Graph}
- sed -e 's:ezc/Base/src/base.php:ezc/Base/base.php:' \
- -i "${S}"/plugins/MantisGraph/{core/graph_api.php,pages/summary_graph_cumulative_bydate2.php} \
- || die
- # Fix incorrect filename
- sed -e 's:config_default_inc.php:config_defaults_inc.php:' \
- -i "${S}/lang/strings_russian.txt" || die
-}
-
-src_install() {
- webapp_src_preinst
- rm doc/{LICENSE,INSTALL}
- dodoc doc/{CREDITS,CUSTOMIZATION,RELEASE} doc/en/*
-
- rm -rf doc packages
- mv config_inc.php.sample config_inc.php
- cp -R . "${D}/${MY_HTDOCSDIR}"
-
- webapp_configfile "${MY_HTDOCSDIR}/config_inc.php"
- webapp_postinst_txt en "${FILESDIR}/postinstall-en-1.0.0.txt"
- webapp_src_install
-}