Update to 0.11 Patch Level 1 and fix cross site scripting vulnerability

Release info: http://rubyforge.org/frs/shownotes.php?group_id=186&release_id=10014 Security: http://golem.ph.utexas.edu/~distler/blog/archives/001181.html PR: 111407 Submitted by: Alexander Logvinov <ports AT logvinov.com> Approved by: clsung (mentor) Security: http://golem.ph.utexas.edu/~distler/blog/archives/001181.html
author: lwhsu <lwhsu@FreeBSD.org> 2007-04-10 11:19:12 +0800
committer: lwhsu <lwhsu@FreeBSD.org> 2007-04-10 11:19:12 +0800
commit: f426c95c85c05476fd2abf7aad80d943f368bdf8 (patch)
tree: 24f05c185726182c1dca420e4190a7dc09127757 /www
parent: c59b817325ed239dbd4b0937302bb8e58517efec (diff)
download: freebsd-ports-gnome-f426c95c85c05476fd2abf7aad80d943f368bdf8.tar.gz
freebsd-ports-gnome-f426c95c85c05476fd2abf7aad80d943f368bdf8.tar.zst
freebsd-ports-gnome-f426c95c85c05476fd2abf7aad80d943f368bdf8.zip
4 files changed, 19 insertions, 13 deletions
diff --git a/www/instiki/Makefile b/www/instiki/Makefile
index 4f686bb82093..6437a29f215b 100644
--- a/www/instiki/Makefile
+++ b/www/instiki/Makefile
@@ -7,10 +7,11 @@
 
 PORTNAME=	instiki
 PORTVERSION=	0.11.0
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	www ruby
 MASTER_SITES=	${MASTER_SITE_RUBYFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
+DISTNAME=	${PORTNAME}-0.11.pl1
 EXTRACT_SUFX=	.tgz
 
 MAINTAINER=	ports@FreeBSD.org
@@ -40,6 +41,7 @@ do-build:
 	  rake environment RAILS_ENV=production migrate )
 
 do-install:
+	@${FIND} -E ${WRKSRC} -type f -iregex ".*\._.+" -exec ${RM} "{}" \;
 	${CP} -pR ${WRKSRC}/ ${PREFIX}/${INSTIKIDIR}
 	${CP} ${PREFIX}/${INSTIKIDIR}/db/production.db.sqlite3 \
 		${PREFIX}/${INSTIKIDIR}/db/default.db.sqlite3
diff --git a/www/instiki/distinfo b/www/instiki/distinfo
index c3c71dd73ad3..bfb7c7a573b4 100644
--- a/www/instiki/distinfo
+++ b/www/instiki/distinfo
@@ -1,3 +1,3 @@
-MD5 (instiki-0.11.0.tgz) = c8d86d05ef9a801e21e12d661fc737ab
-SHA256 (instiki-0.11.0.tgz) = 4bc1315c73ecf2dbaef9c243b5073aa49ca3ea2c64a61c54b8fd57e4baf039ce
-SIZE (instiki-0.11.0.tgz) = 1483964
+MD5 (instiki-0.11.pl1.tgz) = 42859487777cf56199cfe8c343a9c33b
+SHA256 (instiki-0.11.pl1.tgz) = 777fc053818b139b0aac7dd96d274a194b93d35dbfb70d0d8a8aa2d3e49a27d8
+SIZE (instiki-0.11.pl1.tgz) = 1344168
diff --git a/www/instiki/files/bluecloth-patch-lib-chunks-engines-rb b/www/instiki/files/bluecloth-patch-lib-chunks-engines-rb
index 7be347bfa6a4..1bab7ab32dda 100644
--- a/www/instiki/files/bluecloth-patch-lib-chunks-engines-rb
+++ b/www/instiki/files/bluecloth-patch-lib-chunks-engines-rb
@@ -1,12 +1,12 @@
---- lib/chunks/engines.rb.orig	Sun Mar 12 15:57:24 2006
-+++ lib/chunks/engines.rb	Tue Jun  6 22:45:16 2006
-@@ -35,7 +35,8 @@
- 
-   class Markdown < AbstractEngine
+--- lib/chunks/engines.rb.orig	Wed Feb 28 06:09:26 2007
++++ lib/chunks/engines.rb	Mon Apr  9 22:22:51 2007
+@@ -40,7 +40,8 @@
+     require_dependency 'sanitize'
+     include Sanitize
      def mask
 -      require_dependency 'bluecloth_tweaked'
 +      require_dependency 'rubygems'
 +      require_gem 'BlueCloth'
-       BlueCloth.new(@content, @content.options[:engine_opts]).to_html
+       html = BlueCloth.new(@content, @content.options[:engine_opts]).to_html
+       sanitize_html(html)
      end
-   end
diff --git a/www/instiki/pkg-plist b/www/instiki/pkg-plist
index c8466ef5102f..7c4038398d21 100644
--- a/www/instiki/pkg-plist
+++ b/www/instiki/pkg-plist
@@ -61,9 +61,9 @@
 %%INSTIKIDIR%%db/default.db.sqlite3
 %%INSTIKIDIR%%db/schema.rb
 %%INSTIKIDIR%%instiki
+%%INSTIKIDIR%%instiki.bat
 %%INSTIKIDIR%%instiki.cmd
 %%INSTIKIDIR%%instiki.rb
-%%INSTIKIDIR%%instiki.sh
 %%INSTIKIDIR%%lib/bluecloth_tweaked.rb
 %%INSTIKIDIR%%lib/chunks/category.rb
 %%INSTIKIDIR%%lib/chunks/chunk.rb
@@ -74,15 +74,17 @@
 %%INSTIKIDIR%%lib/chunks/test.rb
 %%INSTIKIDIR%%lib/chunks/uri.rb
 %%INSTIKIDIR%%lib/chunks/wiki.rb
+%%INSTIKIDIR%%lib/db_structure.rb
 %%INSTIKIDIR%%lib/diff.rb
 %%INSTIKIDIR%%lib/instiki_errors.rb
-%%INSTIKIDIR%%lib/native/linux/libsqlite3.so
 %%INSTIKIDIR%%lib/native/win32/sqlite3.dll
 %%INSTIKIDIR%%lib/native/win32/sqlite3_api.so
+%%INSTIKIDIR%%lib/node.rb
 %%INSTIKIDIR%%lib/page_renderer.rb
 %%INSTIKIDIR%%lib/rdocsupport.rb
 %%INSTIKIDIR%%lib/redcloth.rb
 %%INSTIKIDIR%%lib/redcloth_for_tex.rb
+%%INSTIKIDIR%%lib/sanitize.rb
 %%INSTIKIDIR%%lib/url_generator.rb
 %%INSTIKIDIR%%lib/wiki_content.rb
 %%INSTIKIDIR%%lib/wiki_words.rb
@@ -127,6 +129,7 @@
 %%INSTIKIDIR%%script/benchmarker
 %%INSTIKIDIR%%script/breakpointer
 %%INSTIKIDIR%%script/console
+%%INSTIKIDIR%%script/create_db
 %%INSTIKIDIR%%script/destroy
 %%INSTIKIDIR%%script/generate
 %%INSTIKIDIR%%script/import_storage
@@ -153,6 +156,7 @@
 %%INSTIKIDIR%%test/unit/page_renderer_test.rb
 %%INSTIKIDIR%%test/unit/page_test.rb
 %%INSTIKIDIR%%test/unit/redcloth_for_tex_test.rb
+%%INSTIKIDIR%%test/unit/sanitize_test.rb
 %%INSTIKIDIR%%test/unit/uri_test.rb
 %%INSTIKIDIR%%test/unit/web_test.rb
 %%INSTIKIDIR%%test/unit/wiki_file_test.rb
author	lwhsu <lwhsu@FreeBSD.org>	2007-04-10 11:19:12 +0800
committer	lwhsu <lwhsu@FreeBSD.org>	2007-04-10 11:19:12 +0800
commit	f426c95c85c05476fd2abf7aad80d943f368bdf8 (patch)
tree	24f05c185726182c1dca420e4190a7dc09127757 /www
parent	c59b817325ed239dbd4b0937302bb8e58517efec (diff)
download	freebsd-ports-gnome-f426c95c85c05476fd2abf7aad80d943f368bdf8.tar.gz freebsd-ports-gnome-f426c95c85c05476fd2abf7aad80d943f368bdf8.tar.zst freebsd-ports-gnome-f426c95c85c05476fd2abf7aad80d943f368bdf8.zip