authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /www-apps/websvn
reinit the tree, so we can have metadata
Diffstat (limited to 'www-apps/websvn')
-rw-r--r--www-apps/websvn/Manifest8
-rw-r--r--www-apps/websvn/files/13_security_CVE-2013-6892.patch39
-rw-r--r--www-apps/websvn/files/30_CVE-2016-2511.patch11
-rw-r--r--www-apps/websvn/files/31_CVE-2016-1236.patch61
-rw-r--r--www-apps/websvn/metadata.xml11
-rw-r--r--www-apps/websvn/websvn-2.3.3-r1.ebuild53
6 files changed, 183 insertions, 0 deletions
diff --git a/www-apps/websvn/Manifest b/www-apps/websvn/Manifest
new file mode 100644
index 000000000000..e72bb3c38d39
--- /dev/null
+++ b/www-apps/websvn/Manifest
@@ -0,0 +1,8 @@
+AUX 13_security_CVE-2013-6892.patch 1624 SHA256 ed9a4a319e4e37238e1d4dfc6251568c846cf2e29bdd6d7a1c015d33c137ae74 SHA512 93c92d09f4deb4368d78146dd5aae6ebc800974e4cf6a5ca9e2fe8a391631b6ab011fa1ba15443b27d8053f75e693c81d330db87ff533441b5381f3af9c9e43e WHIRLPOOL 4e711b69e504898964ec2a4a22e8e1ff5a4b55a197fe0fd5c477f0d58e36d4de821eacebc83e55d4488adf6f7cc7abca3ecc9676c56a6d93b75ce4fadbf8fe82
+AUX 30_CVE-2016-2511.patch 605 SHA256 164781875f08caf6863002076ac8b5cf210a621b628e4cc8a4605a838a8e5af9 SHA512 ee6f538c050d98ec058d586349ae90bc682a0e869b5bf53005e5badf6b583e697ac6411468abb218f78365ac1867a5ed576b99917ff9427740d82256d29f150b WHIRLPOOL 0f01f6b8977db21ed9cc9b119a30c7ee84db97deaacdc0098307102ce908a0c729e131f7813e96d41fa6474633d17ba370ee387cc2d774d22a4f2476d1ad08ed
+AUX 31_CVE-2016-1236.patch 2523 SHA256 ce73c20506dcafad2fc3509218df50420980cbd26b034ba403d7446d8261c009 SHA512 d41a2afe42ac520d8c2d8085f90b1dc4364d82d7fc8905e54b40cbdaa80abf902c0b37b075a78c3af30feb2a1869efb11519e7b6a42d691ecd8e51c41f8b4382 WHIRLPOOL 0863f8091e9bb9e335b81e86d6802ea5fb897c6e49d41823ad339bddd9ad964a5df4f17f95e5afabfe87a15d02d6fe215c7dd24254935b15068729effe638d78
+DIST websvn-2.3.3.tar.gz 882779 SHA256 67d5cb7ffb087f8a92e3dcad10f16612baac4d15a60d659aa8b6e06200ac8742 SHA512 8c77a9770dfc3c9487793cd71c460d4048aa4aa7b8520a53eea8ae872f30e06d885f849d63fa0e9f61ed5923f9dd9c5ef1f3c4f020afaa83d7815a99d64818a0 WHIRLPOOL efd59ddbe6a84d2b0bce9286271627e485c77b93dd0ad998ecaa4bad8bfb246f62508c3e1d6183194b9f64313f223bb44fc8d8fdf0c1f176efb808b3cbf7e7d9
+EBUILD websvn-2.3.3-r1.ebuild 1143 SHA256 7046dac3291354340d8c7e8aba0c236fd42c336e61daad58f55cd463be10e8d2 SHA512 b3bd4c4e5a7d694fbadd3ea1b01f1e1359f832b703b5aa438abd80d00c6cec314e5b851812a0238e5edaa444c4a2828366281ea41ae2dd26b6e57c0002a80ede WHIRLPOOL ea23c9bd9c1693e8a249369b555fc7f4ac6e2a4c5be834aeb9491a1cdf68e9a0fb6c67c7cea53a3d3dc7f66ea963c3e92ce42b98cd1167fef574b3cc173719c7
+MISC ChangeLog 4333 SHA256 8f73cb595d2f131bf92ceba30574f42b9cf4bb6ebe5822295e505364a5b3af74 SHA512 ebe0903a62fd4d4a6de10821a35080e131d1da8962dc1ef157b501926add6b5b90bdd1cec9bb4af71f80dd30d57ab716ebb5ccbc1cd785793f33409f35d0a3ae WHIRLPOOL 9854c4d1a1d5f640c599451e90cf95f84db86efc3d26d8d53020f83996e8de727f511b5eb7db5cc0c9d08da730794b64b895e4249901b86444a7cd7d6b03527f
+MISC ChangeLog-2015 6900 SHA256 542deadcf836d7d7adbd9231a2dee47fdb58ecd4ccb9354f34d91933936ec37d SHA512 9cc78afb963abb119d8dce23b12d0cc1e6282ce766fd3f2e2df3051d9611d50b737ff311c76c687ab066172c212c5baf92d522158b7610e66131698cbe6a8703 WHIRLPOOL a22786d1e6f494ee8ce030594c1c1a0879a1bed9be34009163b2ae1b69ed94f94de8f75b4552015ad6921611f380bee50da5a93f7f2b97e09292177e77a80d1f
+MISC metadata.xml 346 SHA256 d96a485a9a8258b8e8b75b01b70101c1887d3c05f73fa95e879b48d5b254308d SHA512 016d009e180a6bca5a0dd17a4899f36c87edba7b9463fb3058c00c2d1ba0b49e27959d1b7c0804da2ac79f24f34a774ee1bbc525336aebf6b27c07ff45879092 WHIRLPOOL 0efbb03e30b86527ab73c07158409414363977216e3d135bb2423c2100a06e23650b673b5fc5e20afdb2210a37b255fa99f11d3ef4c21e7171db8c48546607af
diff --git a/www-apps/websvn/files/13_security_CVE-2013-6892.patch b/www-apps/websvn/files/13_security_CVE-2013-6892.patch
new file mode 100644
index 000000000000..ffb14e84aa11
--- /dev/null
+++ b/www-apps/websvn/files/13_security_CVE-2013-6892.patch
@@ -0,0 +1,39 @@
+Arbitrary files with a known path can be accessed in websvn by committing a
+symlink to a repository and then downloading the file (using the download
+link).
+
+Author: Thijs Kinkhorst <thijs@debian.org>
+
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775682
+
+diff -ur oud/dl.php nieuw/dl.php
+--- oud/dl.php 2015-01-18 16:03:30.688791512 +0100
++++ nieuw/dl.php 2015-01-18 16:27:00.950897749 +0100
+@@ -137,6 +137,18 @@
+ exit(0);
+ }
+
++ // For security reasons, disallow direct downloads of filenames that
++ // are a symlink, since they may be a symlink to anywhere (/etc/passwd)
++ // Deciding whether the symlink is relative and legal within the
++ // repository would be nice but seems to error prone at this moment.
++ if ( is_link($tempDir.DIRECTORY_SEPARATOR.$archiveName) ) {
++ header('HTTP/1.x 500 Internal Server Error', true, 500);
++ error_log('to be downloaded file is symlink, aborting: '.$archiveName);
++ print 'Download of symlinks disallowed: "'.xml_entities($archiveName).'".';
++ removeDirectory($tempDir);
++ exit(0);
++ }
++
+ // Set timestamp of exported directory (and subdirectories) to timestamp of
+ // the revision so every archive of a given revision has the same timestamp.
+ $revDate = $logEntry->date;
+@@ -180,7 +192,7 @@
+ $downloadMimeType = 'application/x-zip';
+ $downloadArchive .= '.zip';
+ // Create zip file
+- $cmd = $config->zip.' -r '.quote($downloadArchive).' '.quote($archiveName);
++ $cmd = $config->zip.' --symlinks -r '.quote($downloadArchive).' '.quote($archiveName);
+ execCommand($cmd, $retcode);
+ if ($retcode != 0) {
+ error_log('Unable to call zip command: '.$cmd);
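Review bot: The refusal branch added in the first hunk answers a client-triggered policy decision with `header('HTTP/1.x 500 Internal Server Error', true, 500)`, which mislabels the condition as a server fault and uses a version token (`1.x`) that is not a real HTTP version; `header('HTTP/1.1 403 Forbidden', true, 403);` describes what happened and keeps the 5xx class free for genuine failures in monitoring. The `is_link()` check covers only the top-level exported entry named by `$archiveName`; the `--symlinks` flag in the second hunk makes zip store nested links as links rather than following them, but whether the non-zip archive branch gets equivalent treatment is outside this hunk and worth confirming. Both hunks sit inside a function body that starts and ends outside the patch.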
diff --git a/www-apps/websvn/files/30_CVE-2016-2511.patch b/www-apps/websvn/files/30_CVE-2016-2511.patch
new file mode 100644
index 000000000000..9c270bbc4582
--- /dev/null
+++ b/www-apps/websvn/files/30_CVE-2016-2511.patch
@@ -0,0 +1,11 @@
+--- orig/include/setup.php 2016-02-19 16:02:05.674756241 +0100
++++ new/include/setup.php 2016-02-19 16:02:10.166832543 +0100
+@@ -467,7 +467,7 @@
+ $vars['validationurl'] = getFullURL($_SERVER['SCRIPT_NAME']).'?'.buildQuery($queryParams + array('template' => $template, 'language' => $language), '%26');
+
+ // To avoid a possible XSS exploit, need to clean up the passed-in path first
+-$path = !empty($_REQUEST['path']) ? $_REQUEST['path'] : null;
++$path = !empty($_REQUEST['path']) ? escape($_REQUEST['path']) : null;
+ if ($path === null || $path === '')
+ $path = '/';
+ $vars['safepath'] = escape($path);
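Review bot: The new line runs `$_REQUEST['path']` through `escape()` before assigning `$path`, yet the unchanged line three below, `$vars['safepath'] = escape($path);`, escapes the same value a second time, so a path containing `&`, `<`, `>` or quotes is double-encoded in `safepath` (assuming `escape()` is the HTML-entity helper its name suggests; its definition is not in this hunk). If `$path` also still feeds repository lookups later in setup.php, as its pre-patch use implies, encoding it at this point can make legitimately named entries unreachable while the XSS is fixed. A narrower change escapes at the output sites only and leaves `$path` raw, or at least drops the second `escape()` on the `safepath` line. The enclosing top-level code continues outside the hunk.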
diff --git a/www-apps/websvn/files/31_CVE-2016-1236.patch b/www-apps/websvn/files/31_CVE-2016-1236.patch
new file mode 100644
index 000000000000..13ff2be66f86
--- /dev/null
+++ b/www-apps/websvn/files/31_CVE-2016-1236.patch
@@ -0,0 +1,61 @@
+Description: CVE-2016-1236: XSS via directory or file in a repository containing XSS payload
+Origin: vendor
+Forwarded: no
+Author: Nitin Venkatesh <venkatesh.nitin@gmail.com>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2016-05-08
+
+--- a/revision.php
++++ b/revision.php
+@@ -145,7 +145,7 @@ if ($rep) {
+ }
+ $resourceExisted = $change->action == 'M' || $change->copyfrom;
+ $listing[] = array(
+- 'path' => $change->path,
++ 'path' => escape($change->path),
+ 'oldpath' => $change->copyfrom ? $change->copyfrom.' @ '.$change->copyrev : '',
+ 'action' => $change->action,
+ 'added' => $change->action == 'A',
+--- a/log.php
++++ b/log.php
+@@ -323,6 +323,9 @@ if ($rep) {
+ $listing[$index]['revadded'] = (isset($modpaths['A'])) ? implode('<br/>', $modpaths['A']) : '';
+ $listing[$index]['revdeleted'] = (isset($modpaths['D'])) ? implode('<br/>', $modpaths['D']) : '';
+ $listing[$index]['revmodified'] = (isset($modpaths['M'])) ? implode('<br/>', $modpaths['M']) : '';
++ $listing[$index]['revadded'] = escape($listing[$index]['revadded']);
++ $listing[$index]['revdeleted'] = escape($listing[$index]['revdeleted']);
++ $listing[$index]['revmodified'] = escape($listing[$index]['revmodified']);
+ }
+
+ $row = 1 - $row;
+--- a/comp.php
++++ b/comp.php
+@@ -381,7 +381,7 @@ if ($rep) {
+ $absnode .= $node;
+ }
+
+- $listing[$index]['newpath'] = $absnode;
++ $listing[$index]['newpath'] = escape($absnode);
+
+ $listing[$index]['fileurl'] = $config->getURL($rep, $absnode, 'file').'rev='.$rev2;
+
+--- a/listing.php
++++ b/listing.php
+@@ -123,7 +123,7 @@ function showDirFiles($svnrep, $subs, $l
+ $listing[$index]['level'] = ($treeview) ? $level : 0;
+ $listing[$index]['node'] = 0; // t-node
+ $listing[$index]['path'] = $path.$file;
+- $listing[$index]['filename'] = $file;
++ $listing[$index]['filename'] = escape($file);
+ if ($isDir) {
+ $listing[$index]['fileurl'] = urlForPath($path.$file, $passRevString);
+ } else {
+@@ -137,7 +137,7 @@ function showDirFiles($svnrep, $subs, $l
+ }
+
+ if ($treeview) {
+- $listing[$index]['compare_box'] = '<input type="checkbox" name="compare[]" value="'.$path.$file.'@'.$passrev.'" onclick="checkCB(this)" />';
++ $listing[$index]['compare_box'] = '<input type="checkbox" name="compare[]" value="'.escape($path.$file).'@'.$passrev.'" onclick="checkCB(this)" />';
+ }
+ if ($config->showLastModInListing()) {
+ $listing[$index]['committime'] = $entry->committime;
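Review bot: In the log.php hunk the three new `escape(...)` calls are applied after `implode('<br/>', ...)`, so the `<br/>` separators themselves are encoded and will render as literal `&lt;br/&gt;` text between entries (assuming `escape()` is htmlspecialchars-like); escaping the elements first, e.g. `implode('<br/>', array_map('escape', $modpaths['A']))` for each of the three lines, keeps the markup and encodes only the repository-supplied paths. The coverage is also uneven: in revision.php `'oldpath'` is still built from the raw `$change->copyfrom` right under the escaped `'path'`, and in listing.php `['path'] = $path.$file` stays raw next to the escaped `['filename']`; whether the templates emit those fields unescaped is not visible here and should be checked. All five hunks are inside functions or top-level blocks that begin and end outside the patch.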
diff --git a/www-apps/websvn/metadata.xml b/www-apps/websvn/metadata.xml
new file mode 100644
index 000000000000..23492929dea5
--- /dev/null
+++ b/www-apps/websvn/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="project">
+ <email>web-apps@gentoo.org</email>
+ <name>Gentoo Webapps</name>
+ </maintainer>
+ <longdescription>
+ Web based Subversion repository browser written in PHP
+ </longdescription>
+</pkgmetadata>
diff --git a/www-apps/websvn/websvn-2.3.3-r1.ebuild b/www-apps/websvn/websvn-2.3.3-r1.ebuild
new file mode 100644
index 000000000000..285fce66b2fb
--- /dev/null
+++ b/www-apps/websvn/websvn-2.3.3-r1.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit webapp
+
+MY_P="${P//_/}"
+
+DESCRIPTION="Web-based browsing tool for Subversion (SVN) repositories in PHP"
+HOMEPAGE="http://www.websvn.info/ http://websvn.tigris.org/"
+DOWNLOAD_NUMBER="49056"
+SRC_URI="http://websvn.tigris.org/files/documents/1380/${DOWNLOAD_NUMBER}/${MY_P}.tar.gz"
+
+LICENSE="GPL-2"
+IUSE="enscript"
+KEYWORDS="amd64 ppc ppc64 ~sparc x86"
+
+DEPEND=""
+RDEPEND="dev-lang/php:*[xml]
+ dev-vcs/subversion
+ virtual/httpd-php:*
+ enscript? ( app-text/enscript )"
+RESTRICT="mirror"
+
+PATCHES=(
+ "${FILESDIR}/13_security_CVE-2013-6892.patch"
+ "${FILESDIR}/30_CVE-2016-2511.patch"
+ "${FILESDIR}/31_CVE-2016-1236.patch"
+)
+
+S="${WORKDIR}/${MY_P}"
+
+src_install() {
+ webapp_src_preinst
+
+ DOCS=( changes.txt )
+ HTML_DOCS=( doc/* )
+ einstalldocs
+
+ mv include/{dist,}config.php
+ rm -rf license.txt changes.txt doc/
+
+ insinto "${MY_HTDOCSDIR}"
+ doins -r .
+
+ webapp_configfile "${MY_HTDOCSDIR}"/include/config.php
+ webapp_configfile "${MY_HTDOCSDIR}"/wsvn.php
+
+ webapp_serverowned "${MY_HTDOCSDIR}"/cache
+
+ webapp_src_install
+}
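Review bot: In `src_install` the `mv include/{dist,}config.php` and `rm -rf license.txt changes.txt doc/` lines are external commands whose failure is ignored under EAPI 6, so a failed rename would leave `distconfig.php` in the tree and no `config.php` for the `webapp_configfile` call below, with the build continuing silently; append `|| die` to both lines (`mv include/{dist,}config.php || die` and `rm -rf license.txt changes.txt doc/ || die`). `doins -r .` installs the whole unpacked tree into the document root, so anything not removed above (build metadata, test data, if present in the tarball) becomes web-served; a short comment stating that the `rm -rf` line is the allow-list-by-deletion for what ends up under `MY_HTDOCSDIR` would make that intent explicit.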