diff options
| author |   Peter Volkov <pva@gentoo.org> | 2008-09-29 07:00:22 +0000 |
|---|---|---|
| committer | Peter Volkov <pva@gentoo.org> | 2008-09-29 07:00:22 +0000 |
| commit | 2be4f2588a76bb594dd14975b644bfe1764cd6b9 (patch) | |
| tree | 5511b646e06489251660c8d7530fd57ffd04807c /www-apps/mantisbt | |
| parent | Version bump. Cleanup (diff) | |
| download | gentoo-2-2be4f2588a76bb594dd14975b644bfe1764cd6b9.tar.gz gentoo-2-2be4f2588a76bb594dd14975b644bfe1764cd6b9.tar.bz2 gentoo-2-2be4f2588a76bb594dd14975b644bfe1764cd6b9.zip | |
Pushing fixes from svn, should fix security issue #238570, thank Robert Buchholz for report. Remove old.
(Portage version: 2.2_rc11/cvs/Linux 2.6.26-gentoo-r1 i686)
Diffstat (limited to 'www-apps/mantisbt')
| -rw-r--r-- | www-apps/mantisbt/ChangeLog | 12 | ||||
| -rw-r--r-- | www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XS-type-in-schema.php.patch | 87 | ||||
| -rw-r--r-- | www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch | 13 | ||||
| -rw-r--r-- | www-apps/mantisbt/files/mantisbt-1.1.2-svn-5369:5587.patch | 319 | ||||
| -rw-r--r-- | www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild | 61 | ||||
| -rw-r--r-- | www-apps/mantisbt/mantisbt-1.1.2-r1.ebuild (renamed from www-apps/mantisbt/mantisbt-1.1.1.ebuild) | 21 |
6 files changed, 337 insertions, 176 deletions
diff --git a/www-apps/mantisbt/ChangeLog b/www-apps/mantisbt/ChangeLog index c2a0da235625..4c81ebe20f06 100644 --- a/www-apps/mantisbt/ChangeLog +++ b/www-apps/mantisbt/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for www-apps/mantisbt # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.60 2008/09/19 18:49:01 dertobi123 Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/ChangeLog,v 1.61 2008/09/29 07:00:21 pva Exp $ + +*mantisbt-1.1.2-r1 (25 Sep 2008) + + 25 Sep 2008; Peter Volkov <pva@gentoo.org> + -files/mantisbt-1.0.8-avoid-XS-type-in-schema.php.patch, + -files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch, + +files/mantisbt-1.1.2-svn-5369:5587.patch, -mantisbt-1.0.8-r1.ebuild, + -mantisbt-1.1.1.ebuild, +mantisbt-1.1.2-r1.ebuild: + Pushing fixes from svn, should fix security issue #238570, thank Robert + Buchholz for report. Remove old. 19 Sep 2008; Tobias Scherbaum <dertobi123@gentoo.org> mantisbt-1.1.2.ebuild: diff --git a/www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XS-type-in-schema.php.patch b/www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XS-type-in-schema.php.patch deleted file mode 100644 index 1957db63b009..000000000000 --- a/www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XS-type-in-schema.php.patch +++ /dev/null @@ -1,87 +0,0 @@ ---- admin/schema.php.orig 2007-08-12 09:51:24.000000000 +0400 -+++ admin/schema.php 2007-08-12 09:53:25.000000000 +0400 -@@ -26,7 +26,7 @@ - user_id I DEFAULT '0' PRIMARY, - access_reqd I DEFAULT '0', - type I DEFAULT '90', -- value XS NOTNULL", -+ value XL NOTNULL", - Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - $upgrade[] = Array('CreateIndexSQL',Array('idx_config',config_get('mantis_config_table'),'config_id')); - -@@ -108,9 +108,9 @@ - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_bug_text_table')," - id I PRIMARY UNSIGNED NOTNULL AUTOINCREMENT, -- description XS NOTNULL, -- steps_to_reproduce XS NOTNULL, -- additional_information XS NOTNULL -+ description XL NOTNULL, -+ steps_to_reproduce XL NOTNULL, -+ additional_information XL NOTNULL - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_bugnote_table')," -@@ -129,7 +129,7 @@ - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_bugnote_text_table')," - id I UNSIGNED NOTNULL PRIMARY AUTOINCREMENT, -- note XS NOTNULL -+ note XL NOTNULL - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_custom_field_project_table')," -@@ -174,7 +174,7 @@ - project_id I NOTNULL DEFAULT '0', - is_public L DEFAULT NULL, - name C(64) NOTNULL DEFAULT \" '' \", -- filter_string XS NOTNULL -+ filter_string XL NOTNULL - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_news_table')," -@@ -186,7 +186,7 @@ - view_state I2 NOTNULL DEFAULT '10', - announcement L NOTNULL DEFAULT '0', - headline C(64) NOTNULL DEFAULT \" '' \", -- body XS NOTNULL -+ body XL NOTNULL - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_project_category_table')," -@@ -222,7 +222,7 @@ - view_state I2 NOTNULL DEFAULT '10', - access_min I2 NOTNULL DEFAULT '10', - file_path C(250) NOTNULL DEFAULT \" '' \", -- description XS NOTNULL -+ description XL NOTNULL - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - $upgrade[] = Array('CreateIndexSQL',Array('idx_project_id',config_get('mantis_project_table'),'id')); - $upgrade[] = Array('CreateIndexSQL',Array('idx_project_name',config_get('mantis_project_table'),'name',Array('UNIQUE'))); -@@ -240,7 +240,7 @@ - project_id I UNSIGNED NOTNULL DEFAULT '0', - version C(64) NOTNULL DEFAULT \" '' \", - date_order T NOTNULL DEFAULT '1970-01-01 00:00:01', -- description XS NOTNULL, -+ description XL NOTNULL, - released L NOTNULL DEFAULT '1' - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - $upgrade[] = Array('CreateIndexSQL',Array('idx_project_version',config_get('mantis_project_version_table'),'project_id,version',Array('UNIQUE'))); -@@ -265,7 +265,7 @@ - type I NOTNULL, - timestamp T NOTNULL, - expiry T, -- value XS NOTNULL", -+ value XL NOTNULL", - Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_user_pref_table')," -@@ -313,7 +313,7 @@ - platform C(32) NOTNULL DEFAULT \" '' \", - os C(32) NOTNULL DEFAULT \" '' \", - os_build C(32) NOTNULL DEFAULT \" '' \", -- description XS NOTNULL -+ description XL NOTNULL - ",Array('mysql' => 'TYPE=MyISAM', 'pgsql' => 'WITHOUT OIDS'))); - - $upgrade[] = Array('CreateTableSQL',Array(config_get('mantis_user_table')," diff --git a/www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch b/www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch deleted file mode 100644 index 274d9692fc1e..000000000000 --- a/www-apps/mantisbt/files/mantisbt-1.0.8-avoid-XSS-in-file_api.php.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: core/file_api.php -=================================================================== ---- core/file_api.php (リビジョン 4833) -+++ core/file_api.php (作業コピー) -@@ -163,7 +163,7 @@ - $row = $t_attachment_rows[$i]; - extract( $row, EXTR_PREFIX_ALL, 'v' ); - -- $t_file_display_name = file_get_display_name( $v_filename ); -+ $t_file_display_name = string_html_specialchars( file_get_display_name( $v_filename ) ); - $t_filesize = number_format( $v_filesize ); - $t_date_added = date( config_get( 'normal_date_format' ), db_unixtimestamp( $v_date_added ) ); - diff --git a/www-apps/mantisbt/files/mantisbt-1.1.2-svn-5369:5587.patch b/www-apps/mantisbt/files/mantisbt-1.1.2-svn-5369:5587.patch new file mode 100644 index 000000000000..5ef56e5fc727 --- /dev/null +++ b/www-apps/mantisbt/files/mantisbt-1.1.2-svn-5369:5587.patch @@ -0,0 +1,319 @@ +Index: doc/ChangeLog +=================================================================== +--- doc/ChangeLog (revision 5369) ++++ doc/ChangeLog (revision 5587) +@@ -2,6 +2,8 @@ + + 2008.06.17 - 1.1.2 + ==================== ++This release focused on fixing few security issues; also includes assorted fixes for translations, usability and compatibility (most notably, with postgres) and a nasty memory leak on the string API causing incomplete rendering of pages. All users are advised to upgrade. ++ + - 0008974: [security] XSS Vulnerability in filters (thraxisp) - closed. + - 0008975: [security] CSRF Vulnerabilities in user_create (jreese) - closed. + - 0008976: [security] Remote Code Execution in adm_config (giallu) - closed. +Index: config_defaults_inc.php +=================================================================== +--- config_defaults_inc.php (revision 5369) ++++ config_defaults_inc.php (revision 5587) +@@ -149,6 +149,9 @@ + # 'memcached' -> Memcached storage sessions + $g_session_handler = 'php'; + ++ # Session save path. If false, uses default value as set by session handler. ++ $g_session_save_path = false; ++ + ############################# + # Configuration Settings + ############################# +@@ -1938,4 +1941,4 @@ + + # The twitter account password. + $g_twitter_password = ''; +-?> ++ +Index: bug_graph_bystatus.php +=================================================================== +--- bug_graph_bystatus.php (revision 5369) ++++ bug_graph_bystatus.php (revision 5587) +@@ -148,6 +148,8 @@ + } + + ksort($t_view_status); ++ $t_label_string = lang_get('orct'); //use the (open/resolved/closed/total) label ++ $t_label_strings = explode('/', substr($t_label_string, 1, strlen($t_label_string)-2)); + + // add headers for table + if ($f_show_as_table) { +@@ -159,9 +161,9 @@ + html_body_begin(); + echo '<table class="width100"><tr><td></td>'; + if ($f_summary) { +- echo '<th>' . lang_get_defaulted('open') . '</th>'; +- echo '<th>' . lang_get_defaulted('resolved') . '</th>'; +- echo '<th>' . lang_get_defaulted('closed') . '</th>'; ++ echo '<th>' . $t_label_strings[0] . '</th>'; ++ echo '<th>' . $t_label_strings[1] . '</th>'; ++ echo '<th>' . $t_label_strings[2] . '</th>'; + } else { + foreach ( $t_view_status as $t_status => $t_label ) { + echo '<th>'.$t_label.' ('.$t_status.')</th>'; +@@ -176,9 +178,9 @@ + $t_labels = array(); + $i = 0; + if ($f_summary) { +- $t_labels[++$i] = lang_get_defaulted('open'); +- $t_labels[++$i] = lang_get_defaulted('resolved'); +- $t_labels[++$i] = lang_get_defaulted('closed'); ++ $t_labels[++$i] = $t_label_strings[0]; ++ $t_labels[++$i] = $t_label_strings[1]; ++ $t_labels[++$i] = $t_label_strings[2]; + } else { + foreach ( $t_view_status as $t_status => $t_label ) { + $t_labels[++$i] = isset($t_status_labels[$t_status]) ? $t_status_labels[$t_status] : lang_get_defaulted($t_label); +@@ -228,6 +230,6 @@ + html_body_end(); + html_end(); + } else { +- graph_bydate( $t_metrics, $t_labels, lang_get( 'by_category' ), $f_width, $f_width * $t_ar ); ++ graph_bydate( $t_metrics, $t_labels, lang_get( 'by_status' ), $f_width, $f_width * $t_ar ); + } + ?> +\ No newline at end of file +Index: manage_user_prune.php +=================================================================== +--- manage_user_prune.php (revision 5369) ++++ manage_user_prune.php (revision 5587) +@@ -1,4 +1,4 @@ +-2<?php ++<?php + # Mantis - a php based bugtracking system + + # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org +Index: manage_proj_edit_page.php +=================================================================== +--- manage_proj_edit_page.php (revision 5369) ++++ manage_proj_edit_page.php (revision 5587) +@@ -527,7 +527,8 @@ + <td class="center"> + <?php + # You need global permissions to edit custom field defs +- print_button( "manage_proj_custom_field_remove.php?field_id={$t_field_id}&project_id={$f_project_id}", lang_get( 'remove_link' ) ); ++ $t_remove_token = form_security_param( 'manage_proj_custom_field_remove' ); ++ print_button( "manage_proj_custom_field_remove.php?field_id={$t_field_id}&project_id={$f_project_id}$t_remove_token", lang_get( 'remove_link' ) ); + ?> + </td> + </tr> +Index: core/bug_api.php +=================================================================== +--- core/bug_api.php (revision 5369) ++++ core/bug_api.php (revision 5587) +@@ -1264,9 +1264,6 @@ + # the relationship type is already set. Nothing to do + } + else if ( $t_id_relationship > 0 ) { +- # there is already a relationship between them -> we have to update it and not to add a new one +- helper_ensure_confirmed( lang_get( 'replace_relationship_sure_msg' ), lang_get( 'replace_relationship_button' ) ); +- + # Update the relationship + relationship_update( $t_id_relationship, $p_bug_id, $p_duplicate_id, BUG_DUPLICATE ); + +Index: core/print_api.php +=================================================================== +--- core/print_api.php (revision 5369) ++++ core/print_api.php (revision 5587) +@@ -304,7 +304,7 @@ + ?> + <input type="hidden" id="tag_separator" value="<?php echo config_get( 'tag_separator' ) ?>" /> + <input type="text" name="tag_string" id="tag_string" size="40" value="<?php echo string_attribute( $p_string ) ?>" /> +- <select <?php echo helper_get_tab_index() ?> name="tag_select" id="tag_select"> ++ <select <?php echo helper_get_tab_index() ?> name="tag_select" id="tag_select" onchange="tag_string_append( this.options[ this.selectedIndex ].text );"> + <?php print_tag_option_list( $p_bug_id ); ?> + </select> + <?php +@@ -334,7 +334,7 @@ + + echo '<option value="0">',lang_get( 'tag_existing' ),'</option>'; + while ( $row = db_fetch_array( $result ) ) { +- echo '<option value="',$row['id'],'" onclick="tag_string_append(\'',$row['name'],'\')">',$row['name'],'</option>'; ++ echo '<option value="',$row['id'],'">',$row['name'],'</option>'; + } + } + +Index: core/user_api.php +=================================================================== +--- core/user_api.php (revision 5369) ++++ core/user_api.php (revision 5587) +@@ -655,10 +655,22 @@ + } else { + $t_default_image = config_get( 'default_avatar' ); + $t_size = 80; +- $t_avatar_url = "http://www.gravatar.com/avatar.php?gravatar_id=" . md5( $t_email ) . +- "&default=" . urlencode( $t_default_image ) . +- "&size=" . $t_size . +- "&rating=G"; ++ ++ $t_use_ssl = false; ++ if ( isset( $_SERVER['HTTPS'] ) && ( strtolower( $_SERVER['HTTPS'] ) != 'off' ) ) { ++ $t_use_ssl = true; ++ } ++ ++ if ( !$t_use_ssl ) { ++ $t_gravatar_domain = 'http://www.gravatar.com/'; ++ } else { ++ $t_gravatar_domain = 'https://secure.gravatar.com/'; ++ } ++ ++ $t_avatar_url = $t_gravatar_domain . 'avatar.php?gravatar_id=' . md5( $t_email ) . ++ '&default=' . urlencode( $t_default_image ) . ++ '&size=' . $t_size . ++ '&rating=G'; + $t_result = array( $t_avatar_url, $t_size, $t_size ); + } + +Index: core/bugnote_api.php +=================================================================== +--- core/bugnote_api.php (revision 5369) ++++ core/bugnote_api.php (revision 5587) +@@ -99,7 +99,7 @@ + # Add a bugnote to a bug + # + # return the ID of the new bugnote +- function bugnote_add ( $p_bug_id, $p_bugnote_text, $p_time_tracking = '0:00', $p_private = false, $p_type = 0, $p_attr = '', $p_user_id = null ) { ++ function bugnote_add ( $p_bug_id, $p_bugnote_text, $p_time_tracking = '0:00', $p_private = false, $p_type = 0, $p_attr = '', $p_user_id = null, $p_send_email = TRUE ) { + $c_bug_id = db_prepare_int( $p_bug_id ); + $c_bugnote_text = db_prepare_string( $p_bugnote_text ); + $c_time_tracking = db_prepare_time( $p_time_tracking ); +Index: core/session_api.php +=================================================================== +--- core/session_api.php (revision 5369) ++++ core/session_api.php (revision 5587) +@@ -49,6 +49,15 @@ + */ + class MantisPHPSession extends MantisSession { + function __construct() { ++ $t_session_save_path = config_get_global( 'session_save_path' ); ++ if ( $t_session_save_path ) { ++ session_save_path( $t_session_save_path ); ++ } ++ ++ session_cache_limiter( 'private_no_expire' ); ++ if ( isset( $_SERVER['HTTPS'] ) && ( strtolower( $_SERVER['HTTPS'] ) != 'off' ) ) { ++ session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), true, true ); ++ } + session_start(); + $this->id = session_id(); + } +Index: core/string_api.php +=================================================================== +--- core/string_api.php (revision 5369) ++++ core/string_api.php (revision 5587) +@@ -306,7 +306,7 @@ + if ( !isset( $string_process_bug_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn] ) ) { + if ($p_include_anchor) { + $string_process_bug_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn] = create_function('$p_array',' +- if (bug_exists( (int)$p_array[2] ) ) { ++ if ( bug_exists( (int)$p_array[2] ) && access_has_bug_level( VIEWER, (int)$p_array[2] ) ) { + return $p_array[1] . string_get_bug_view_link( (int)$p_array[2], null, ' . ($p_detail_info ? 'true' : 'false') . ', ' . ($p_fqdn ? 'true' : 'false') . '); + } else { + return $p_array[0]; +Index: bug_update.php +=================================================================== +--- bug_update.php (revision 5369) ++++ bug_update.php (revision 5587) +@@ -31,8 +31,6 @@ + require_once( $t_core_path.'bugnote_api.php' ); + require_once( $t_core_path.'custom_field_api.php' ); + +- form_security_validate( 'bug_update' ); +- + $f_bug_id = gpc_get_int( 'bug_id' ); + $f_update_mode = gpc_get_bool( 'update_mode', FALSE ); # set if called from generic update page + $f_new_status = gpc_get_int( 'status', bug_get_field( $f_bug_id, 'status' ) ); +@@ -140,6 +138,8 @@ + } + } + ++ form_security_validate( 'bug_update' ); ++ + $t_notify = true; + $t_bug_note_set = false; + if ( ( $t_old_bug_status != $t_bug_data->status ) && ( FALSE == $f_update_mode ) ) { +Index: manage_config_work_threshold_page.php +=================================================================== +--- manage_config_work_threshold_page.php (revision 5369) ++++ manage_config_work_threshold_page.php (revision 5587) +@@ -322,6 +322,7 @@ + + if ( $t_show_submit && ( 0 < count( $t_overrides ) ) ) { + echo "<div class=\"right\"><form name=\"threshold_config_action\" method=\"post\" action=\"manage_config_revert.php\">\n"; ++ echo form_security_field( 'manage_config_revert' ); + echo "<input name=\"revert\" type=\"hidden\" value=\"" . implode( ',', $t_overrides ) . "\"></input>"; + echo "<input name=\"project\" type=\"hidden\" value=\"$t_project_id\"></input>"; + echo "<input name=\"return\" type=\"hidden\" value=\"" . $_SERVER['PHP_SELF'] ."\"></input>"; +Index: adm_config_set.php +=================================================================== +--- adm_config_set.php (revision 5369) ++++ adm_config_set.php (revision 5587) +@@ -81,7 +81,7 @@ + # 2. simple arrays with the form: array( a, b, c, d ) + # 3. associative arrays with the form: array( a=>1, b=>2, c=>3, d=>4 ) + $t_full_string = trim( $f_value ); +- if ( preg_match('/array\((.*)\)/', $t_full_string, $t_match ) === 1 ) { ++ if ( preg_match('/array[\s]*\((.*)\)/', $t_full_string, $t_match ) === 1 ) { + // we have an array here + $t_values = split( ',', trim( $t_match[1] ) ); + foreach ( $t_values as $key => $value ) { +Index: roadmap_page.php +=================================================================== +--- roadmap_page.php (revision 5369) ++++ roadmap_page.php (revision 5587) +@@ -195,7 +195,7 @@ + $t_issue_id = $t_issue_ids[$k]; + $t_issue_parent = $t_issue_parents[$k]; + +- if ( in_array( $t_issue_id, $t_cycle_ids ) || in_array( $t_parent_id, $t_cycle_ids ) ) { ++ if ( in_array( $t_issue_id, $t_cycle_ids ) || in_array( $t_issue_parent, $t_cycle_ids ) ) { + $t_cycle = true; + } else { + $t_cycle = false; +Index: core.php +=================================================================== +--- core.php (revision 5369) ++++ core.php (revision 5587) +@@ -144,15 +144,33 @@ + # OPENED ANYWHERE ELSE. + require_once( $t_core_path.'database_api.php' ); + ++ # Basic browser detection ++ $t_user_agent = $_SERVER['HTTP_USER_AGENT']; ++ ++ $t_browser_name = 'Normal'; ++ if ( strpos( $t_user_agent, 'MSIE' ) ) { ++ $t_browser_name = 'IE'; ++ } ++ + # Headers to prevent caching + # with option to bypass if running from script + global $g_bypass_headers, $g_allow_browser_cache; + if ( !isset( $g_bypass_headers ) && !headers_sent() ) { +- if ( ! isset( $g_allow_browser_cache ) ) { +- header( 'Pragma: no-cache' ); ++ ++ if ( isset( $g_allow_browser_cache ) ) { ++ switch ( $t_browser_name ) { ++ case 'IE': ++ header( 'Cache-Control: private, proxy-revalidate' ); ++ break; ++ default: ++ header( 'Cache-Control: private, must-revalidate' ); ++ break; ++ } ++ ++ } else { + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); +- header( 'Cache-Control: post-check=0, pre-check=0', false ); + } ++ + header( 'Expires: ' . gmdate( 'D, d M Y H:i:s \G\M\T', time() ) ); + + # SEND USER-DEFINED HEADERS diff --git a/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild b/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild deleted file mode 100644 index 88162c4fde0c..000000000000 --- a/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.0.8-r1.ebuild,v 1.4 2008/01/23 16:07:34 beandog Exp $ - -inherit eutils webapp - -IUSE="bundled-adodb" -MY_P=mantis-${PV} - -DESCRIPTION="PHP/MySQL/Web based bugtracking system" -HOMEPAGE="http://www.mantisbt.org/" -SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" - -S=${WORKDIR}/${MY_P} - -KEYWORDS="amd64 ppc x86" - -RDEPEND=" - virtual/httpd-php - virtual/httpd-cgi - !bundled-adodb? ( dev-php/adodb ) -" - -LICENSE="GPL-2" - -src_unpack() { - unpack ${A} - cd "${S}" - - # http://www.mantisbt.org/bugs/view.php?id=8256 - epatch "${FILESDIR}"/${P}-avoid-XS-type-in-schema.php.patch - # http://www.mantisbt.org/bugs/view.php?id=8679 - epatch "${FILESDIR}"/${P}-avoid-XSS-in-file_api.php.patch - - if use bundled-adodb ; then - sed -ie \ - "s:require_once( 'adodb/adodb.inc.php' );:require_once( \$t_core_dir . 'adodb/adodb.inc.php' );:" \ - "${S}"/core/database_api.php - else - rm -r "${S}"/core/adodb/ - fi - - # Fix permitions. Should be fixed in 1.0.9 - find "${S}" -type f -exec chmod 644 \{\} \; - find "${S}" -type d -exec chmod 755 \{\} \; -} - -src_install() { - webapp_src_preinst - rm doc/{LICENSE,INSTALL} - dodoc doc/* - - cp -R . "${D}"/${MY_HTDOCSDIR} - rm -rf "${D}"/${MY_HTDOCSDIR}/doc - - mv "${D}"/${MY_HTDOCSDIR}/config_inc.php.sample "${D}"/${MY_HTDOCSDIR}/config_inc.php - - webapp_configfile ${MY_HTDOCSDIR}/config_inc.php - webapp_postinst_txt en "${FILESDIR}"/postinstall-en-1.0.0.txt - webapp_src_install -} diff --git a/www-apps/mantisbt/mantisbt-1.1.1.ebuild b/www-apps/mantisbt/mantisbt-1.1.2-r1.ebuild index 1044a8d3de11..26df6c53c0a9 100644 --- a/www-apps/mantisbt/mantisbt-1.1.1.ebuild +++ b/www-apps/mantisbt/mantisbt-1.1.2-r1.ebuild @@ -1,27 +1,25 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.1.1.ebuild,v 1.1 2008/01/22 16:24:17 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apps/mantisbt/mantisbt-1.1.2-r1.ebuild,v 1.1 2008/09/29 07:00:22 pva Exp $ inherit eutils webapp depend.php -IUSE="bundled-adodb" MY_P=mantis-${PV} DESCRIPTION="PHP/MySQL/Web based bugtracking system" HOMEPAGE="http://www.mantisbt.org/" SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" -S=${WORKDIR}/${MY_P} - +LICENSE="GPL-2" KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" RDEPEND=" virtual/httpd-php virtual/httpd-cgi - !bundled-adodb? ( dev-php/adodb ) -" + dev-php/adodb" -LICENSE="GPL-2" +S=${WORKDIR}/${MY_P} pkg_setup() { webapp_pkg_setup @@ -33,13 +31,8 @@ src_unpack() { unpack ${A} cd "${S}" - if ! use bundled-adodb ; then - sed -i -e \ - "s:require_once( 'adodb/adodb.inc.php' );:require_once( \$t_core_dir . 'adodb/adodb.inc.php' );:" \ - "${S}"/core/database_api.php - else - rm -r "${S}"/core/adodb/ - fi + rm -r "${S}"/core/adodb/ # We use external adodb + epatch "${FILESDIR}"/${P}-svn-5369:5587.patch } src_install() { |