diff options
| author |   Renat Lumpau <rl03@gentoo.org> | 2006-03-27 17:56:24 +0000 |
|---|---|---|
| committer | Renat Lumpau <rl03@gentoo.org> | 2006-03-27 17:56:24 +0000 |
| commit | c8aa9b76775773a3345c801651841676a4ac9185 (patch) | |
| tree | 9aa65f1d906c6647c059eace4f8a949d06cf62d0 /www-apps/twiki/files | |
| parent | addwrite /root/.PfaEdit workaround #127723 (diff) | |
| download | historical-c8aa9b76775773a3345c801651841676a4ac9185.tar.gz historical-c8aa9b76775773a3345c801651841676a4ac9185.tar.bz2 historical-c8aa9b76775773a3345c801651841676a4ac9185.zip | |
Patch for CVE-2006-1387 ( bug #127758 ).
Package-Manager: portage-2.1_pre6-r3
Diffstat (limited to 'www-apps/twiki/files')
| -rw-r--r-- | www-apps/twiki/files/CVE-2006-1387.patch | 14 | ||||
| -rw-r--r-- | www-apps/twiki/files/digest-twiki-4.0.1-r2 (renamed from www-apps/twiki/files/digest-twiki-4.0.1-r1) | 0 |
2 files changed, 14 insertions, 0 deletions
diff --git a/www-apps/twiki/files/CVE-2006-1387.patch b/www-apps/twiki/files/CVE-2006-1387.patch new file mode 100644 index 000000000000..912559c8a489 --- /dev/null +++ b/www-apps/twiki/files/CVE-2006-1387.patch @@ -0,0 +1,14 @@ +diff -ur work/lib/TWiki.pm work_patched/lib/TWiki.pm +--- work/lib/TWiki.pm 2006-02-07 10:08:46.000000000 -0500 ++++ work_patched/lib/TWiki.pm 2006-03-27 12:52:39.000000000 -0500 +@@ -1514,6 +1514,10 @@ + # Fetch content from a URL for inclusion by an INCLUDE + sub _includeUrl { + my( $this, $theUrl, $thePattern, $theWeb, $theTopic ) = @_; ++ ++ # Fix for Codev.SecurityAdvisoryDosAttackWithInclude ++ return "%RED% Include of URL is disabled %ENDCOLOR%"; ++ + my $text = ''; + my $host = ''; + my $port = 80; diff --git a/www-apps/twiki/files/digest-twiki-4.0.1-r1 b/www-apps/twiki/files/digest-twiki-4.0.1-r2 index 18b0503f8fd4..18b0503f8fd4 100644 --- a/www-apps/twiki/files/digest-twiki-4.0.1-r1 +++ b/www-apps/twiki/files/digest-twiki-4.0.1-r2 |