diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2013-04-12 10:49:24 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-04-12 10:51:24 +0000 |
| commit | fad8b74f852feb2d12f1f967c294e3a20560534a (patch) | |
| tree | b1b4e7f99e5ffa354b53cc5ed45368767c78be5a /main/smokeping | |
| parent | ddfb89a1758231264a547accabfb1de71ed50b63 (diff) | |
| download | aports-fad8b74f852feb2d12f1f967c294e3a20560534a.tar.bz2 aports-fad8b74f852feb2d12f1f967c294e3a20560534a.tar.xz | |
main/smokeping: yet another XSS fix
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659899#155
Diffstat (limited to 'main/smokeping')
| -rw-r--r-- | main/smokeping/APKBUILD | 14 | ||||
| -rw-r--r-- | main/smokeping/xss-fix-from-Steven-Chamberlain.patch | 28 |
2 files changed, 37 insertions, 5 deletions
diff --git a/main/smokeping/APKBUILD b/main/smokeping/APKBUILD index 53fb5bca8..b3c6a62f0 100644 --- a/main/smokeping/APKBUILD +++ b/main/smokeping/APKBUILD @@ -2,14 +2,15 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=smokeping pkgver=2.6.9 -pkgrel=0 +pkgrel=1 pkgdesc="Smokeping network latency monitoring" pkgusers="smokeping" pkggroups="smokeping" install="$pkgname.pre-install" url="http://oss.oetiker.ch/smokeping/" source="http://oss.oetiker.ch/smokeping/pub/smokeping-$pkgver.tar.gz - smokeping.initd" + smokeping.initd + xss-fix-from-Steven-Chamberlain.patch" depends="perl fping rrdtool perl-rrd perl-uri perl-digest-hmac @@ -125,8 +126,11 @@ package() { } md5sums="0c2361b734866dd37facf2af3f8f7144 smokeping-2.6.9.tar.gz -a63b42b8165f9c728706ac112658548b smokeping.initd" +a63b42b8165f9c728706ac112658548b smokeping.initd +cee64c8fe5d813534dfb29c2cd3a1324 xss-fix-from-Steven-Chamberlain.patch" sha256sums="cd551d4384d8b19879d128ea0566bd680c19bb4ad8664a3c5a304604746f8863 smokeping-2.6.9.tar.gz -1b83d2e35e922e71bb3c91deee7c247cfbaebe47022451aabde87b790c5a61ca smokeping.initd" +1b83d2e35e922e71bb3c91deee7c247cfbaebe47022451aabde87b790c5a61ca smokeping.initd +f7750494a81e56dac2d8c7bc996eb63ac590168fff92d237e883807c036f07ac xss-fix-from-Steven-Chamberlain.patch" sha512sums="ab3cec15fd9f90510f902da7ce5bac5915558cac198cc88f0ce193a53a0158c9055e28c8c6671cc6653ac42ab51346e1eb19e537f1ab5c234fd498c6b777499d smokeping-2.6.9.tar.gz -b1d6f769b870a14856f4e4f6e699d6a9eb7744d9c447e5cd799cf21dd1eb83807aaa270029e15a49c709e8a9160c395d264bcc1d3281233160e2a907e61473ad smokeping.initd" +b1d6f769b870a14856f4e4f6e699d6a9eb7744d9c447e5cd799cf21dd1eb83807aaa270029e15a49c709e8a9160c395d264bcc1d3281233160e2a907e61473ad smokeping.initd +ab13cbf69a8b7d9cce7684eaf6a61ff5d827bcd4abc04cec7df47a97ab4d73eac5034addcb8e061ced246a2dcff69d04a9114b89e6c20014e2f3eb6c8fff0c11 xss-fix-from-Steven-Chamberlain.patch" diff --git a/main/smokeping/xss-fix-from-Steven-Chamberlain.patch b/main/smokeping/xss-fix-from-Steven-Chamberlain.patch new file mode 100644 index 000000000..ba1e25f46 --- /dev/null +++ b/main/smokeping/xss-fix-from-Steven-Chamberlain.patch @@ -0,0 +1,28 @@ +From bad9f9c28f0939b269f90072aa4cf41f20f15563 Mon Sep 17 00:00:00 2001 +From: Tobias Oetiker <tobi@oetiker.ch> +Date: Sun, 17 Mar 2013 13:11:10 +0100 +Subject: [PATCH] xss fix from Steven Chamberlain + +--- + lib/Smokeping.pm | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/lib/Smokeping.pm b/lib/Smokeping.pm +index cec130a..080b538 100644 +--- a/lib/Smokeping.pm ++++ b/lib/Smokeping.pm +@@ -1028,8 +1028,9 @@ sub smokecol ($) { + + sub parse_datetime($){ + my $in = shift; +- for ($in){ +- /^(\d+)$/ && do { my $value = $1; $value = time if $value > 2**32; return $value}; ++ for ($in){ ++ $in =~ s/$xssBadRx/_/g; ++ /^(\d+)$/ && do { my $value = $1; $value = time if $value > 2**32; return $value}; + /^\s*(\d{4})-(\d{1,2})-(\d{1,2})(?:\s+(\d{1,2}):(\d{2})(?::(\d{2}))?)?\s*$/ && + return POSIX::mktime($6||0,$5||0,$4||0,$3,$2-1,$1-1900,0,0,-1); + /^now$/ && return time; +-- +1.8.1.5 + |