| author | rea <rea@FreeBSD.org> | 2014-10-31 23:40:27 +0800 |
|---|---|---|
| committer | rea <rea@FreeBSD.org> | 2014-10-31 23:40:27 +0800 |
| commit | ace0c86e9ea9d033dc666a909bb8553819594e8d (patch) | |
| tree | 8b227aab8823f24aa16c959b7df650f63bca368f /www | |
| parent | 28b0d2d2bfa75cc849b4b78d6ff9719268622e6a (diff) | |
TWiki: fix CVE-2014-7236
This is remote Perl code execution via crafted GET variable "debugenableplugins",
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236
MFH: 2014Q4
Security: 21ce1840-6107-11e4-9e84-0022156e8794
Diffstat (limited to 'www')

| mode | file | lines |
|---|---|---|
| -rw-r--r-- | www/twiki/Makefile | 3 |
| -rw-r--r-- | www/twiki/files/patch-cve-2014-7236 | 17 |

2 files changed, 20 insertions, 0 deletions
diff --git a/www/twiki/Makefile b/www/twiki/Makefile index 848854449fcb..fcbf3be96958 100644 --- a/www/twiki/Makefile +++ b/www/twiki/Makefile @@ -3,6 +3,7 @@ PORTNAME= twiki PORTVERSION= 5.1.4 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= www MASTER_SITES= SF/${PORTNAME}/TWiki%20for%20all%20Platforms/${DISTNAME} \ @@ -29,6 +30,8 @@ RUN_DEPENDS= \ USES= perl5 tar:tgz WRKSRC= ${WRKDIR}/twiki +USES+= cpe + post-extract: @${RM} -rf ${WRKSRC}/lib/CPAN @${CAT} ${.CURDIR}/../twiki-*/pkg-plist |\ diff --git a/www/twiki/files/patch-cve-2014-7236 b/www/twiki/files/patch-cve-2014-7236 new file mode 100644 index 000000000000..3c8f0797b855 --- /dev/null +++ b/www/twiki/files/patch-cve-2014-7236 @@ -0,0 +1,17 @@ +Obtained-from: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236 +--- lib/TWiki/Plugins.pm.save1 2014-01-09 02:10:56.000000000 -0500 ++++ lib/TWiki/Plugins.pm 2014-10-01 20:30:36.000000000 -0400 +@@ -186,8 +186,11 @@ + + unless( $allDisabled ) { + if ( $query && defined( $query->param( 'debugenableplugins' ))) { +- @pluginList = split( /[,\s]+/, +- $query->param( 'debugenableplugins' )); ++ @pluginList = ++ grep { /Plugin$/ } ++ map { s/[^a-zA-Z0-9]//go; $_ } # Item7558: Sanitize parameter ++ split( /[,\s]+/, $query->param( 'debugenableplugins' )); ++ + } else { + if( $TWiki::cfg{PluginsOrder} ) { + foreach my $plugin( split( /[,\s]+/, |
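Review bot: the `PORTREVISION= 1` line in the first Makefile hunk is required, not optional, for this change: the fix lands as a files/ patch without a PORTVERSION change, so without the revision bump package builders and users already on twiki-5.1.4 would never see a new package and would keep the vulnerable Plugins.pm. Nothing to change in that hunk.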
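Review bot: in the second Makefile hunk `USES+= cpe` is appended on its own line after `WRKSRC=` instead of being folded into the `USES= perl5 tar:tgz` line two lines above; a single `USES= cpe perl5 tar:tgz` is the conventional form and avoids a second USES assignment that a later editor can miss. It is also worth checking that the vendor/product the cpe framework derives from PORTNAME when CPE_VENDOR and CPE_PRODUCT are unset (twiki/twiki here) match the CPE name NVD uses for CVE-2014-7236, since that matching is the whole point of adding the CPE data in a security commit.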
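Review bot: the sanitizer in the Plugins.pm hunk is an allowlist (drop every character outside `[a-zA-Z0-9]`, then keep only names ending in `Plugin`), which is the right shape for a request parameter that ends up selecting which Perl module gets loaded, and the `Obtained-from:` header gives the patch traceable provenance. Two minor points: the `o` modifier in `s/[^a-zA-Z0-9]//go` is redundant because the pattern interpolates no variables, so `s/[^a-zA-Z0-9]//g` is equivalent; and the lone `++` line adds a blank line inside the `unless` block before `} else {`, which the surrounding code does not have, so dropping it keeps the hunk minimal. Both are cosmetic, and since the file is meant to track the upstream advisory patch verbatim, leaving them as upstream wrote them is a defensible choice.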