SOURCES: mantis-debian.patch (NEW) - fix from gentoo which origina...

Sat Sep 24 15:28:21 CEST 2005

Author: glen                         Date: Sat Sep 24 13:28:21 2005 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- fix from gentoo which originates from debian. see also http://bugs.gentoo.org/show_bug.cgi?id=103308

---- Files affected:
SOURCES:
   mantis-debian.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/mantis-debian.patch
diff -u /dev/null SOURCES/mantis-debian.patch:1.1

--- /dev/null	Sat Sep 24 15:28:21 2005
+++ SOURCES/mantis-debian.patch	Sat Sep 24 15:28:16 2005
@@ -0,0 +1,69 @@
+diff -ur mantis-0.19.2/core/database_api.php mantis-0.19.2.patched/core/database_api.php
+--- mantis-0.19.2/core/database_api.php	2004-12-09 13:55:06.000000000 -0500
++++ mantis-0.19.2.patched/core/database_api.php	2005-09-14 07:12:11.000000000 -0400
+@@ -9,6 +9,13 @@
+ 	# $Id$
+ 	# --------------------------------------------------------
+ 
++	#
++	# Patch for #0005956: Database system scanner via variable poisoning
++	#
++	
++	if (isset($_REQUEST["g_db_type"]))
++		die("");
++
+ 	### Database ###
+ 
+ 	# This is the general interface for all database calls.
+diff -ur mantis-0.19.2/core/filter_api.php mantis-0.19.2.patched/core/filter_api.php
+--- mantis-0.19.2/core/filter_api.php	2004-11-19 08:06:30.000000000 -0500
++++ mantis-0.19.2.patched/core/filter_api.php	2005-09-14 07:13:54.000000000 -0400
+@@ -753,7 +753,7 @@
+ ?> 
+ 
+ 		<br />
+-		<form method="post" name="filters" action="<?php PRINT $t_action; ?>">
++		<form method="post" name="filters" action="<?php PRINT htmlentities($t_action); ?>">
+ 		<input type="hidden" name="type" value="5" />
+ 		<?php
+ 			if ( $p_for_screen == false ) {
+@@ -761,10 +761,10 @@
+ 				PRINT '<input type="hidden" name="offset" value="0" />';
+ 			}
+ 		?>
+-		<input type="hidden" name="sort" value="<?php PRINT $t_sort ?>" />
+-		<input type="hidden" name="dir" value="<?php PRINT $t_dir ?>" />
+-		<input type="hidden" name="page_number" value="<?php PRINT $p_page_number ?>" />
+-		<input type="hidden" name="view_type" value="<?php PRINT $t_view_type ?>" />
++		<input type="hidden" name="sort" value="<?php PRINT htmlentities($t_sort) ?>" />
++		<input type="hidden" name="dir" value="<?php PRINT htmlentities($t_dir) ?>" />
++		<input type="hidden" name="page_number" value="<?php PRINT htmlentities($p_page_number) ?>" />
++		<input type="hidden" name="view_type" value="<?php PRINT htmlentities($t_view_type) ?>" />
+ 		<table class="width100" cellspacing="1">
+ 		
+ 		<?php
+diff -ur mantis-0.19.2/login_page.php mantis-0.19.2.patched/login_page.php
+--- mantis-0.19.2/login_page.php	2004-08-14 11:26:20.000000000 -0400
++++ mantis-0.19.2.patched/login_page.php	2005-09-14 07:11:16.000000000 -0400
+@@ -138,14 +138,13 @@
+ 			echo '</div>';
+ 		}
+ 	}
+-
+-	# Check if the admin directory is available and is readable.
+-	$t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR;
+-	if ( is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
+-			echo '<div class="warning" align="center">', "\n";
+-			echo '<p><font color="red"><strong>WARNING:</strong> Admin directory should be removed.</font></p>', "\n";
+-			echo '</div>', "\n";
+-	}
++#      # Check if the admin directory is available and is readable.
++#      $t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR;
++#      if ( is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
++#                      echo '<div class="warning" align="center">', "\n";
++#                      echo '<p><font color="red"><strong>WARNING:</strong> Admin directory should be removed.</font></p>', "\n";
++#                      echo '</div>', "\n";
++#      }
+ ?>
+ 
+ <!-- Autofocus JS -->
================================================================

