authorJorge Manuel B. S. Vicetto <jmbsvicetto@gentoo.org>2011-10-25 18:18:44 +0000
committerJorge Manuel B. S. Vicetto <jmbsvicetto@gentoo.org>2011-10-25 18:18:44 +0000
commit9e59c2460d5d5f19d0d0cc6d7b916b8cb264d644 (patch)
tree00bed991d146f2646ed66c66d2d69917ff39148d /net-nds
parentversion bump (diff)
[net-nds/phpldapadmin] Package bump to apply security fixes for bug 388349.
(Portage version: 2.2.0_alpha69/cvs/Linux x86_64)
Diffstat (limited to 'net-nds')
-rw-r--r--net-nds/phpldapadmin/ChangeLog9
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch27
-rw-r--r--net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch28
-rw-r--r--net-nds/phpldapadmin/phpldapadmin-1.2.1.1-r1.ebuild51
4 files changed, 114 insertions, 1 deletions
diff --git a/net-nds/phpldapadmin/ChangeLog b/net-nds/phpldapadmin/ChangeLog
index a93ffd5f912f..253242e6e39f 100644
--- a/net-nds/phpldapadmin/ChangeLog
+++ b/net-nds/phpldapadmin/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-nds/phpldapadmin
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/phpldapadmin/ChangeLog,v 1.53 2011/10/20 19:38:09 jmbsvicetto Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/phpldapadmin/ChangeLog,v 1.54 2011/10/25 18:18:43 jmbsvicetto Exp $
+
+*phpldapadmin-1.2.1.1-r1 (25 Oct 2011)
+
+ 25 Oct 2011; <atlantis@gentoo.org> +phpldapadmin-1.2.1.1-r1.ebuild,
+ +files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch,
+ +files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch:
+ [net-nds/phpldapadmin] Package bump to apply security fixes for bug 388349.
*phpldapadmin-1.2.1.1 (20 Oct 2011)
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch
new file mode 100644
index 000000000000..b5ae92d0425c
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-cmd-exploit.patch
@@ -0,0 +1,27 @@
+From 64668e882b8866fae0fa1b25375d1a2f3b4672e2 Mon Sep 17 00:00:00 2001
+From: Deon George <wurley@users.sf.net>
+Date: Wed, 27 Jul 2011 07:30:06 +1000
+Subject: [PATCH] Remove XSS vulnerabilty in debug code
+
+---
+ htdocs/cmd.php | 4 ----
+ 1 files changed, 0 insertions(+), 4 deletions(-)
+
+diff --git a/htdocs/cmd.php b/htdocs/cmd.php
+index 34f3848..0ddf004 100644
+--- a/htdocs/cmd.php
++++ b/htdocs/cmd.php
+@@ -19,10 +19,6 @@ $www['meth'] = get_request('meth','REQUEST');
+ ob_start();
+
+ switch ($www['cmd']) {
+- case '_debug':
+- debug_dump($_REQUEST,1);
+- break;
+-
+ default:
+ if (defined('HOOKSDIR') && file_exists(HOOKSDIR.$www['cmd'].'.php'))
+ $app['script_cmd'] = HOOKSDIR.$www['cmd'].'.php';
+--
+1.7.4.1
+
diff --git a/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch
new file mode 100644
index 000000000000..bc18b452ca02
--- /dev/null
+++ b/net-nds/phpldapadmin/files/phpldapadmin-1.2.1.1-fix-functions-exploit.patch
@@ -0,0 +1,28 @@
+From 76e6dad13ef77c5448b8dfed1a61e4acc7241165 Mon Sep 17 00:00:00 2001
+From: Deon George <wurley@users.sf.net>
+Date: Thu, 6 Oct 2011 09:03:20 +1100
+Subject: [PATCH] SF Bug #3417184 - PHP Code Injection Vulnerability
+
+---
+ lib/functions.php | 5 +++--
+ 1 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/lib/functions.php b/lib/functions.php
+index 19fde99..eb160dc 100644
+--- a/lib/functions.php
++++ b/lib/functions.php
+@@ -1003,8 +1003,9 @@ function masort(&$data,$sortby,$rev=0) {
+ if (defined('DEBUG_ENABLED') && DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
+ debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
+
+- # if the array to sort is null or empty
+- if (! $data) return;
++ # if the array to sort is null or empty, or if we have some nasty chars
++ if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)
++ return;
+
+ static $CACHE = array();
+
+--
+1.7.4.1
+
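Review bot: The new allow-list on the `if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)` line ends in `$`, which in PCRE also matches just before a trailing newline, so a `$sortby` such as `"cn\n"` still passes the check; anchor it with `\z` or add the `D` modifier, e.g. `if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?\z/',$sortby) || ! $data)`. A rejected sort key is also treated exactly like empty data, a bare `return`, so the caller never learns its key was refused and the data is left unsorted silently; since debug_log() is already used two lines above, logging the rejected value before returning would make the rejection observable. The pattern also rejects any comma outside a parenthesised group, so if callers pass comma-separated keys they will now be dropped silently rather than sorted; that should be confirmed against the call sites. masort()'s body continues past the hunk, so how `$sortby` is later interpolated is not visible here.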
diff --git a/net-nds/phpldapadmin/phpldapadmin-1.2.1.1-r1.ebuild b/net-nds/phpldapadmin/phpldapadmin-1.2.1.1-r1.ebuild
new file mode 100644
index 000000000000..11f9926b4054
--- /dev/null
+++ b/net-nds/phpldapadmin/phpldapadmin-1.2.1.1-r1.ebuild
@@ -0,0 +1,51 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/phpldapadmin/phpldapadmin-1.2.1.1-r1.ebuild,v 1.1 2011/10/25 18:18:43 jmbsvicetto Exp $
+
+EAPI="2"
+
+inherit webapp depend.php
+
+DESCRIPTION="phpLDAPadmin is a web-based tool for managing all aspects of your LDAP server."
+HOMEPAGE="http://phpldapadmin.sourceforge.net"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tgz"
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~sparc ~x86"
+IUSE=""
+
+RDEPEND="dev-lang/php[hash,ldap,session,xml,nls]
+ || ( <dev-lang/php-5.3[pcre] >=dev-lang/php-5.3 )"
+
+need_httpd_cgi
+need_php_httpd
+
+src_prepare() {
+ mv config/config.php.example config/config.php
+ epatch "${FILESDIR}/${P}-fix-magic-quotes.patch"
+
+ # Security patches for secunia advisory 46551
+ # https://secunia.com/advisories/46551/
+ # CVE-2011-4075
+ epatch "${FILESDIR}/${P}-fix-functions-exploit.patch"
+ # CVE-2011-4074
+ epatch "${FILESDIR}/${P}-fix-cmd-exploit.patch"
+}
+
+src_install() {
+ webapp_src_preinst
+
+ dodoc INSTALL
+
+ # Restrict config file access - bug 280836
+ chown root:apache "config/config.php"
+ chmod 640 "config/config.php"
+
+ insinto "${MY_HTDOCSDIR}"
+ doins -r *
+
+ webapp_configfile "${MY_HTDOCSDIR}/config/config.php"
+ webapp_postinst_txt en "${FILESDIR}"/postinstall2-en.txt
+
+ webapp_src_install
+}
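Review bot: The `chown root:apache` and `chmod 640` on `config/config.php` in src_install() modify the copy in ${S}, but the following `doins -r *` re-creates every file in the image through install(1) with the default 0644 mode and the installing user's ownership, so the restriction intended for bug 280836 most likely never reaches the installed tree. Unless webapp-config re-applies ownership and mode for files registered via `webapp_configfile` (worth confirming, since config.php can hold LDAP bind credentials), install the config separately with explicit options: `insopts -m0640 -g apache` before a dedicated `doins config/config.php`, then `insopts -m0644` before the recursive doins, or exclude config.php from it. Hardcoding the `apache` group also ties the package to one httpd even though `need_httpd_cgi` accepts others, so a comment stating that assumption, `# assumes the vhost runs as group apache; see bug 280836`, would at least make the limitation explicit. A security revbump is a reasonable point to correct this, as it changes only the installed permissions of a file the ebuild already singles out.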