From 7aa294ea3f1d6dbbeeef7f167d24373b7a1b5b94 Mon Sep 17 00:00:00 2001 From: Martin Holzer Date: Fri, 5 Dec 2003 16:23:48 +0000 Subject: security was added by upstream maintainer. --- net-www/phpBB/ChangeLog | 6 ++- net-www/phpBB/Manifest | 4 +- net-www/phpBB/files/phpBB-2.0.6-security.patch | 71 -------------------------- 3 files changed, 7 insertions(+), 74 deletions(-) (limited to 'net-www/phpBB') diff --git a/net-www/phpBB/ChangeLog b/net-www/phpBB/ChangeLog index 514743343dce..40d2dcebabce 100644 --- a/net-www/phpBB/ChangeLog +++ b/net-www/phpBB/ChangeLog @@ -1,6 +1,10 @@ # ChangeLog for net-www/phpBB # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/phpBB/ChangeLog,v 1.7 2003/12/02 21:15:18 mholzer Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/phpBB/ChangeLog,v 1.8 2003/12/05 16:23:24 mholzer Exp $ + + 05 Dec 2003; Martin Holzer + files/phpBB-2.0.6-security.patch: + security was added by upstream maintainer. 02 Dec 2003; Martin Holzer : updating digest. Closes #34914. diff --git a/net-www/phpBB/Manifest b/net-www/phpBB/Manifest index bf46cd21f7a2..ce88d8d28cbc 100644 --- a/net-www/phpBB/Manifest +++ b/net-www/phpBB/Manifest @@ -1,5 +1,5 @@ MD5 c57737d533a511c0dfba563c2666c539 phpBB-2.0.6-r1.ebuild 1355 MD5 c339473e0ff43da76eb2f2607c441921 metadata.xml 280 -MD5 6e4c0159ae1fcdb566ba11861e293a2e ChangeLog 1016 +MD5 7675bfcd56e7033f7d60fc7ca782857a ChangeLog 1148 MD5 dc9a19b96db520d00360f90c82aedc9d files/digest-phpBB-2.0.6-r1 63 -MD5 dd352cf51cdca8cd8b7275b2bad5a427 files/phpBB-2.0.6-security.patch 4003 +MD5 baf12ebb39a1b14b5b0bf0fa9320eba8 files/phpBB-2.0.6-security.patch 248 diff --git a/net-www/phpBB/files/phpBB-2.0.6-security.patch b/net-www/phpBB/files/phpBB-2.0.6-security.patch index 4f98d0c46958..8db8e0bf487a 100644 --- a/net-www/phpBB/files/phpBB-2.0.6-security.patch +++ b/net-www/phpBB/files/phpBB-2.0.6-security.patch @@ -1,76 +1,5 @@ --- includes/bbcode.php.org 2003-09-24 00:15:41.000000000 +0000 +++ includes/bbcode.php 2003-09-24 00:22:05.000000000 +0000 -@@ -105,7 +105,7 @@ - $bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\2', $bbcode_tpl['url3']); - - $bbcode_tpl['url4'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']); -- $bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\5', $bbcode_tpl['url4']); -+ $bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\3', $bbcode_tpl['url4']); - - $bbcode_tpl['email'] = str_replace('{EMAIL}', '\\1', $bbcode_tpl['email']); - -@@ -197,21 +197,21 @@ - $patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si"; - $replacements[] = $bbcode_tpl['img']; - -- // matches a [url]xxxx://www.phpbb.com[/url] code.. -- $patterns[] = "#\[url\]([\w]+?://.*?[^ \"\n\r\t<]*?)\[/url\]#is"; -- $replacements[] = $bbcode_tpl['url1']; -- -- // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). -- $patterns[] = "#\[url\]((www|ftp)\.([\w\-]+\.)*?[\w\-]+\.[a-z]{2,4}(:?[0-9]*?/[^ \"\n\r\t<]*)?)\[/url\]#is"; -- $replacements[] = $bbcode_tpl['url2']; -- -- // [url=xxxx://www.phpbb.com]phpBB[/url] code.. -- $patterns[] = "#\[url=([\w]+?://.*?[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; -- $replacements[] = $bbcode_tpl['url3']; -- -- // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). -- $patterns[] = "#\[url=((www|ftp)\.([\w\-]+\.)*?[\w\-]+\.[a-z]{2,4}(:?[0-9]*?/[^ \"\n\r\t<]*)?)\](.*?)\[/url\]#is"; -- $replacements[] = $bbcode_tpl['url4']; -+ // matches a [url]xxxx://www.phpbb.com[/url] code.. -+ $patterns[] = "#\[url\]([\w]+?://[^ \"\n\r\t<]*?)\[/url\]#is"; -+ $replacements[] = $bbcode_tpl['url1']; -+ -+ // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). -+ $patterns[] = "#\[url\]((www|ftp)\.[^ \"\n\r\t<]*?)\[/url\]#is"; -+ $replacements[] = $bbcode_tpl['url2']; -+ -+ // [url=xxxx://www.phpbb.com]phpBB[/url] code.. -+ $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; -+ $replacements[] = $bbcode_tpl['url3']; -+ -+ // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). -+ $patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; -+ $replacements[] = $bbcode_tpl['url4']; - - // [email]user@domain.tld[/email] code.. - $patterns[] = "#\[email\]([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si"; -@@ -618,16 +618,16 @@ - // pad it with a space so we can match things at the start of the 1st line. - $ret = ' ' . $text; - -- // matches an "xxxx://yyyy" URL at the start of a line, or after a space. -- // xxxx can only be alpha characters. -- // yyyy is anything up to the first space, newline, comma, double quote or < -- $ret = preg_replace("#(^|[\n ])([\w]+?://.*?[^ \"\n\r\t<]*)#is", "\\1\\2", $ret); -+ //matches an "xxxx://yyyy" URL at the start of a line, or after a space. -+ // xxxx can only be alpha characters. -+ // yyyy is anything up to the first space, newline, comma, double quote or < -+ $ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1\\2", $ret); - -- // matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing -- // Must contain at least 2 dots. xxxx contains either alphanum, or "-" -+ // matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing -+ // Must contain at least 2 dots. xxxx contains either alphanum, or "-" - // zzzz is optional.. will contain everything up to the first space, newline, -- // comma, double quote or <. -- $ret = preg_replace("#(^|[\n ])((www|ftp)\.[\w\-]+\.[\w\-.\~]+(?:/[^ \"\t\n\r<]*)?)#is", "\\1\\2", $ret); -+ // comma, double quote or <. -+ $ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1\\2", $ret); - - // matches an email@domain type address at the start of a line, or after a space. - // Note: Only the followed chars are valid; alphanums, "-", "_" and or ".". @@ -782,4 +782,4 @@ return ( strlen($a['code']) > strlen($b['code']) ) ? -1 : 1; } -- cgit v1.2.3-65-gdbad